The Manchester, New Hampshire-based medical equipment company, NuLife Med, has agreed to settle a class action lawsuit that was filed in response to a March 2022 data breach that affected more than 80,000 individuals.

NuLife Med identified suspicious activity within its computer network on March 11, 2022. The forensic investigation revealed hackers had access to its systems between March 9 and March 11, 2022, during which time data was viewed or exfiltrated. The compromised data included names, addresses, medical information, health insurance information, and in some cases, Social Security numbers, driver’s licenses, and financial account/credit card information.

A lawsuit was filed in the US District Court for the Southern District of Florida – Pires, et al. v. NuLife Med LLC – that alleged NuLife Med was negligent for failing to implement appropriate safeguards to keep patient data private and confidential, which allowed a data breach to occur that was entirely preventable. The lawsuit claimed that the plaintiff, Victor Pires, and similarly situated individuals, suffered an injury as a result of the negligence and incurred out-of-pocket expenses dealing with the data breach.

NuLife Med chose to settle the lawsuit to avoid the expense of ongoing litigation and the uncertainty of trial; however, admitted no wrongdoing. The total value of the settlement has not been disclosed. Individuals who received a notification letter from NuLife Med about the data breach are entitled to submit a claim if they can provide documented proof of losses and will receive a check for up to $25. Alternatively, class members can elect to receive one year of credit monitoring services instead.

The deadline for submitting a claim is June 20, 2023. The deadline for objection to or exclusion from the settlement is May 16, 2023. The final approval hearing for the settlement has been scheduled for June 5, 2023.

The post NuLife Med Settles Class Action Data Breach Lawsuit appeared first on HIPAA Journal.