A class action filed on Monday claims that Alamonte Springs, Florida-based BioPlus Specialty Pharmacy Services LLC’s negligence permitted hackers to breach its systems and expose the personal information including the sensitive health information of hundreds of thousands of patients.
The Orlando, Florida action filed by a North Carolina resident explains that BioPlus is a pharmacy provider that services over 350,000 patients nationwide. It reportedly holds itself out as the-first-of-its kind independent specialty pharmacy, offering drugs that treat cancer, infusion, multiple sclerosis, hepatitis C, and complex chronic conditions.
According to the filing, BioPlus learned of the breach impacting potentially all its clients’ information on Nov. 11, 2021. Reportedly, the subsequent investigation did not inform BioPlus of what information had been stolen from which clients but did reveal that the malicious actors began to access its systems two weeks prior to the breach.
BioPlus purportedly notified patients of the breach on Dec. 10, 2021, expressing regret for the occurrence and offering them a year of free credit monitoring. The filing also says that the company acknowledged that it would be implementing measures that should have been in place before the breach.
Harms to the plaintiff and putative class include the lost or diminished value of their personal information, the costs associated with the identity theft, tax fraud, and other unauthorized data use prevention, detection, and remediation, opportunity costs like lost time, and the emotional distress associated with the loss of control over their highly sensitive information, the filing says.
The class action states three claims for relief: negligence, negligence per se, and breach of contract. It seeks injunctive relief and various damages.
The plaintiff and putative nationwide class are represented by Kaufman P.A., Cohen & Malad LLP, and Branstetter Stranch & Jennings PLLC. This is the latest in a series of suits filed over the same breach.