Acadian Ambulance sued in federal court over cyber attack Business theadvocatecom

pAcadian Ambulance personnel load a car crash victim into an ambulance on the I49 frontage road Thursday May 21 2020 in Carencro LappAcadian Ambulance personnel load a car crash victim into an ambulance on the I49 frontage road Thursday May 21 2020 in Carencro LappAt least six federal class action lawsuits have been filed against Lafayettebased Acadian Ambulance over a cyber security breach earlier this year in which private customer and employee information like medical histories and Social Security numbers were stolen and held for ransomppC Randall Mann vice president of marketing public relations said in a statement Wednesday the company believes the number of people affected by the cyber attack is much lower than the attackers allege and that private employee data such as full Social Security numbers were not compromisedppThe lawsuits were filed between July 30 and Aug 5 in federal court in the western district of Louisiana in LafayetteppAngela Broussard of Terrebonne Parish Anita Robertson Hulse of Killeen Texas Dylan Stanford of Ragley Dari Vizier of Thibodaux Benjamin Fontenot of St Landry who worked for Acadian Ambulance from 200418 and 202022 and April Butler of Texas filed the lawsuits on behalf of themselves customers and current and former Acadian Ambulance employees whose information was stolenppAcadian Ambulance which operates air and ground ambulance services in Louisiana Texas Mississippi and Tennessee issued a news release in June announcing it had been the victim of a cyberattack recently The announcement was slim on details such as who was responsible and what information was targeted A spokesman declined further comment at the timeppHacking group Daixin Team told a data breach website in July it was responsible for the ransomware attack in which about 10 million unique records were stolen from Acadian AmbulanceppBroussards lawsuit alleges the breach affected about 827000 patientsppThe lawsuit by Hulse represents at least 100 putative class members whose claims allegedly exceed 5 millionppDiaxin reportedly demanded 7 million in ransom Acadian Ambulance allegedly offered to pay 173000 which the thieves allegedly rejectedppThe lawsuits allege Acadian Ambulance failed to properly secure plaintiffs and class action members personally identifiable information and personal health information despite warnings in recent years of cyber security threats particularly aimed at medical institutions and patient informationppDaixin is suspected of stealing patient names dates of birth phone numbers medical histories case histories employment information symptoms and suspected drug use Broussards lawsuit statesppThe breach several of the lawsuits allege puts customers and employees at current and ongoing risk of fraud and identity theft They allege the victims have spent considerable time and money trying to mitigate the effects of the breach such as closing out accounts and monitoring financial data almost constantlyppBroussards lawsuit seeks an order requiring Acadian Ambulance to fully disclose the nature of the information that was stolen and to adopt security practices and safeguards to prevent future breachesppThe lawsuits for the most part list the same claims against the company negligence breach of implied contract breach of fiduciary duty unjust enrichment and invasion of privacyppViziers also alleges violation of the Louisiana Unfair Trade Practices and Consumer Protection Law on behalf of a Louisiana subclass of plaintiffs and violation of the Louisiana Database Security Breach Notification Law also on behalf of a Louisiana subclass of plaintiffsppBroussard also alleges breach of confidenceppAcadians statement Wednesday says the company upon learning of the breach responded quickly to maintain the security of our systems and to ensure there was no disruption to patient careppThe company Mann wrote resumed normal business operations quickly notified federal law enforcement of the attack and will comply with all necessary legal requirementsppThe company continues to work with thirdparty specialists to investigate the nature and scope of the breachppEmail Claire Taylor at ctaylortheadvocatecomppdescriptionppEmail notifications are only sent once a day and only if there are new matching itemsppNews TipsnewstipstheadvocatecomppOther questionssubscriberservicestheadvocatecomppNeed help ppYour browser is out of date and potentially vulnerable to security risksWe recommend switching to one of the following browsersp