DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Settlement of yet another lawsuit against WellPoint /Anthem Blue Cross gets preliminary approval

Posted on July 18, 2011November 1, 2015 by Dissent

If you feel like you need a scorecard to keep track of lawsuits against WellPoint or settlements involving WellPoint, it’s understandable. WellPoint recently settled a lawsuit by the Indiana Attorney General’s Office over delayed notification following a breach that occurred in 2009 and continued until after a customer notified them twice in 2010.   Then they settled a class action lawsuit over an earlier breach that occurred in 2007 and 2008. Now there’s an announcement of a preliminary approval of a settlement oF a class action lawsuit based on the 2009-210 breach:

The Orange County Superior Court (the “Court”) has preliminarily approved a class action settlement in the case entitled Blue Cross of California Website Security Cases, Case No. JCCP 4647, reached with Anthem Blue Cross of California, Anthem Blue Cross Life and Health Insurance Company, The WellPoint Companies, Inc., WellPoint California Services, Inc. and WellPoint Behavioral Health, Inc. (together called “WellPoint/Anthem Blue Cross” or the “Defendants”) in a lawsuit about the potential accessibility of certain personal and financial information contained on individual health insurance applications.  The Court also approved a notice plan to advise the nationwide class of its legal rights, benefits, and options.

The lawsuit alleges that from approximately October 23, 2009, to March 10, 2010, WellPoint/Anthem Blue Cross improperly stored personal information and electronic versions of individual health insurance applications for over 600,000 customers, enrollees or subscribers on its web-based servers without username, password and encryption protections (the “Breach”). This information included personal identifying information and personal health information, such as Social Security numbers, home and office addresses, telephone numbers, credit card numbers and financial information used for premium payments, and other information people may have provided on their health insurance applications.  The lawsuit alleges that WellPoint/Anthem Blue Cross did not adequately protect this information. WellPoint/Anthem Blue Cross denies the claims in the lawsuit. The class settlement does not mean that WellPoint/Anthem Blue Cross did anything wrong.

People included in the settlement are called a “Class” or “Class Members.”  Those who receive a notice about this settlement in the mail and/or email or received a letter from WellPoint regarding this issue between June and August 2010, have been identified as a Class Member. Specifically, the Class includes everyone in the United States, including Puerto Rico, U.S. Virgin Islands and Guam (1) whose private information was on WellPoint/Anthem Blue Cross’ Affected Servers from August 15, 2008, through March 10, 2010, or (2) who received a notification letter from WellPoint/Anthem Blue Cross regarding the alleged failure of WellPoint/Anthem Blue Cross to secure their confidential personal and private information.

Notices informing Class Members about their legal rights will be mailed and emailed directly to them in the weeks leading up to the Court’s November 14, 2011 hearing, where it will consider whether to grant final approval of the settlement.

The Court has appointed Daniel Robinson, Robinson, Calcagnie & Robinson, of Newport Beach, California as Lead Settlement Class Counsel to represent the Class.

In the settlement, Class Members may be entitled to receive, in addition to other benefits, up to two (2) years of Free Debix Credit Monitoring and Identity Theft Insurance (valued at $238.80) at no cost to them (only one (1) year if a Class Member already elected to receive one (1) year of Debix coverage).  Additionally, if a Class Member is found to be a victim of identity theft or loss stemming from the Breach, such a Class Member would be entitled to receive five (5) additional years of monitoring and insurance (valued at $597.00).  Those affected by this settlement can sign up or submit a claim for certain benefits, if eligible, or they can ask to be excluded from, or object to, the settlement.  The deadline for exclusions and objections is October 24, 2011.  The earliest deadline to file claims is September 28, 2011.

A toll-free number, 1-877-527-2354, has been established in the case, along with a website,www.AnthemBlueCrossSecuritySettlement.com, where notices, claim forms, and the settlement agreement may be obtained.  Those affected may also write to WellPoint/Blue Cross Website Security Settlement Administrator, P.O. Box 6177, Novato, CA94948-6177.

Three settlements so far over two breaches. I really do wonder if WellPoint was using the same vendor as had been involved in the 2007-2008 breach. And I wonder if the Connecticut Attorney General decided not to file its own lawsuit against them for delayed notification like Indiana’s Attorney General had. Connecticut had sent a letter of inquiry, investigating, but I never saw any follow-up one way or the other.

Related Posts:

  • Settlement of yet another lawsuit against WellPoint…
  • How many breaches has Anthem had?
  • Have you enrolled for free credit monitoring offered…
  • Indiana sues WellPoint over delayed breach notification
  • Commentary: Is WellPoint blaming others for breach?

Post navigation

← Hacker: JLAudio database hacked; users’ information posted online
JLAudio responds to hack; notifies consumers to change their passwords →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • The Untold Story of a Massive Hack at HHS in Covid’s Early Days
  • Records reveal new information about Sweetwater Union High School District ransomware incident
  • HHS’ Office for Civil Rights Settles First Ever Phishing Cyber-Attack Investigation
  • Founder and Majority Owner of Cryptocurrency Exchange Pleads Guilty to Unlicensed Money Transmitting
  • Hackers hit Erris water in stance over Israel
  • Data breach by Addenbrooke’s Hospital reveals patient information
  • Millions of patient scans and health records spilling online thanks to decades-old protocol bug
  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net