HealthEquity data breach class action lawsuit overview:
- Who: Colin Booth filed a class action lawsuit against HealthEquity Inc.
- Why: Booth claims HealthEquity failed to properly safeguard and secure the personally identifiable information of its customers during a data breach that happened in or about last month.
- Where: The HealthEquity class action lawsuit was filed in Utah federal court.
A new class action lawsuit claims HealthEquity failed to properly safeguard and secure the personally identifiable information (PII) of its customers during a data breach around last month.
Plaintiff Colin Booth claims HealthEquity failed to protect the customer data while having a legal and equitable duty to safeguard it from unauthorized access and intrusion.
“Defendant failed to adequately protect Plaintiff’s and Class Members PII––and failed to even encrypt or redact this highly sensitive information,” the HealthEquity class action says.
Booth wants to represent a nationwide class of individuals whose PII was accessed or acquired by an unauthorized party as a result of the HealthEquity data breach in or about July 2024.
HealthEquity customers now at ongoing risk of identity theft, class action claims
Information exposed in the data breach included HealthEquity customers’ names, addresses, phone numbers, employee IDs, employers, dependent information, payment card information and Social Security numbers, according to the HealthEquity class action.
Booth argues hackers targeted this information to use it to exploit and steal the identities of the HealthEquity customers, who he claims are now at a present and continued risk of identity theft and fraud and will remain so “for their respective lifetimes.”
“This unencrypted, unredacted PII was compromised due to Defendant’s negligent and/or careless acts and omissions and its utter failure to protect customers’ sensitive data,” the HealthEquity class action says.
Booth claims HealthEquity is guilty of negligence and negligence per se, breach of contract and unjust enrichment. He demands a jury trial and requests declaratory and injunctive relief and an award of actual, statutory, nominal, and consequential damages for himself and all class members.
HealthEquity, in a notice filed with the Maine attorney general’s office, said the data breach affected 4.3 million customers and attributed the incident — which the company says occurred in March and was discovered in June — to a vendor’s user accounts becoming compromised.
Were you affected by the HealthEquity data breach? Let us know in the comments.
The plaintiff is represented by Jason R. Hull of Marshall Olson & Hull, P.C. and Gary M. Klinger of Milberg Coleman Bryson Philips Grossman PLLC.
The HealthEquity data breach class action lawsuit is Booth, et al. v. HealthEquity Inc., Case No. 2:24-cv-00553, in the U.S. District Court for the District of Utah.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
Washington residents: Did you receive a ‘refer a friend’ text for Capital One, Venmo, Tesla, Coinbase, or another company?
September 23, 2025 | Legal News
42 thoughts onHealthEquity class action alleges co. failed to secure customer data
Health Equity, Inc not only rips off its customers if you have below 2500 in an HSA they take $3.95 every month from you. If you close your account they charge $25 — But they also didn’t protect our PII. Maybe I can get some of the money they took from me over the last 7 years without telling me from this class action.
Please add me!
I got a letter stated Dec 23 2024 notice of data breach that included my information in this security data breach
I received a letter from Home Equity about a data breach Health Equity is the parent corporation of Wage Pay Health Equity is the custodian of HSA and third party administrator of FSA/HRA and Cobra plan’s associated with ConAgra Plans Riley Walter Wright Walter Jared Wright and myself Dora M. wright a lot of our personal information was accessed
I received an email about my information being compromised with my current company and previous employer under HealthEquity and I have been with the first company for 18 years and my current 7 years. I’m very concerned about my information being out there.
I got a letter in the mail keep me updated
I received an email that my data was breached.
I received an email from health equity mentioning the impact due to this data breach.
I’m sure I have been affected.
Got a CA letter in the mail, keep me updated!