A massive data breach has compromised the personal and health information of potentially hundreds of thousands of individuals, sparking a class action lawsuit against two major corporations. On July 18, 2024, Lisa Bledsoe filed a complaint in the United States District Court for the Eastern District of Pennsylvania against Cencora, Inc. and The Lash Group, LLC.
The lawsuit alleges that Cencora and its subsidiary, The Lash Group, failed to secure sensitive personally identifiable information (PII) and protected health information (PHI) following a cyberattack in February 2024. According to the complaint, the exposed data includes first names, last names, dates of birth, health diagnoses, medications, and prescriptions. Plaintiff Lisa Bledsoe contends that businesses handling such sensitive data owe a duty to protect it from unauthorized access. "The harm resulting from a data privacy breach manifests in numerous ways," states the complaint, highlighting risks like identity theft and financial fraud.
Cencora is described as a pharmaceutical giant providing drug distribution and clinical trial support services. Its division, The Lash Group, specializes in patient support technologies. Both companies handle extensive amounts of consumer PII and PHI due to their business operations with healthcare providers and pharmaceutical firms. Despite being aware of the high value hackers place on such data, the defendants allegedly failed to implement adequate security measures.
The plaintiff asserts that Cencora disclosed very little information about the breach initially reported in February 2024. It wasn't until late May 2024 that affected individuals began receiving notifications about their compromised data. The lawsuit accuses Cencora and The Lash Group of negligence and negligence per se for failing to safeguard sensitive information adequately.
Bledsoe seeks compensatory damages for herself and other class members impacted by the breach. She also requests injunctive relief requiring Cencora to improve its data security practices significantly. Additionally, she demands lifetime identity protection services for all victims at Cencora's expense.
Attorneys Gary F. Lynch and Patrick D. Donathen from Lynch Carpenter LLP represent Lisa Bledsoe in this case before Judge [Name] under Case ID 2:24-cv-03158.