The complaint, filed in the U.S. District Court of the Southern District of California, contends that California-based Solera “failed to adequately safeguard class members’ personal and medical information,” allowing hackers “to steal everything they could possibly need to commit nearly every conceivable form of identity theft.”
In November, Solara announced that an unknown third party had gained access to some employee Office 365 accounts from April 2 to June 20 as a result of a phishing email campaign.
Potentially compromised patient data, the firm said, included: “name, address, date of birth, Social Security number, Employee Identification Number, medical information, health insurance information, financial information, credit / debit card information, driver's license / state ID, passport information, password / PIN or account login information, billing / claims information and Medicare ID / Medicaid ID.”