Highmark data breach class action lawsuit overview:
- Who: A John Doe filed a class action lawsuit against Highmark Inc.
- Why: The plaintiff claims Highmark bears responsibility for a December 2022 data breach due to alleged negligence and a failure to safeguard its network servers.
- Where: The class action lawsuit was filed in Pennsylvania federal court.
Highmark failed to properly secure and safeguard the protected health and personally identifiable information of the health care company’s patients during a December 2022 data breach.
An anonymous plaintiff claims Highmark inadequately protected its network servers, thereby allowing cybercriminals to infiltrate and compromise the highly sensitive patient information.
The plaintiff also accuses Highmark of failing to inform victims of the data breach until Feb. 13 despite allegedly discovering it as early Dec. 13.
“Indeed, Representative Plaintiff and Class Members were wholly unaware of the Data Breach until they received letters from Defendant informing them of it,” the class action states.
Highmark data breach exposed Social Security numbers, other personal information, lawsuit states
The Highmark data breach allegedly exposed patients’ full names, addresses, birthdates, phone numbers, email addresses, Social Security numbers and health enrollment information, among other things.
“Representative Plaintiff seeks to hold Defendant responsible for the harms it caused and will continue to cause Representative Plaintiff and at least 300,000 others similarly situated persons in the massive and preventable cyberattack,” the Highmark class action states.
Joe Doe accuses Highmark of unjust enrichment, breach of the implied covenant of good faith and fair dealing, breach of implied contract and negligence.
The plaintiff wants to represent a nationwide class and Pennsylvania subclass of individuals who had their personally identifiable information, protected health information and/or financial information exposed to unauthorized third parties during the Highmark data breach.
He demands a jury trial and requests declaratory and injunctive relief along with an award of actual and/or statutory damages for himself and all class members.
In other health care data breach news, Kaiser announced in June 2022 it suffered a data breach that allowed a hacker to access an employee’s account containing the protected health information of some of its patients.
Were you impacted by the Highmark data breach? Let us know in the comments.
The plaintiff is represented by Gary F. Lynch and Nicholas A. Colella of Lynch Carpenter LLP, and Daniel Srourian of Srourian Law Firm PC.
The Highmark class action lawsuit is Doe, et al. v. Highmark Inc., Case No. 2:23-cv-00250, in the U.S. District Court for the Western District of Pennsylvania.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
NEC lawsuit: Families take action against Enfamil and Similac baby formula makers
September 10, 2025 | Legal News
9 thoughts onHighmark class action alleges preventable data breach affected at least 30K patients
What is the status of this claim ?
I was affected by this breach. I have been using the credit companies provided to assist with my information not being stolen. I actually worked for Allegheny Health IT during this breach and am familiar with this extensive delay along with the lack of software. I was transferred to Engen/Highmark in December 2022 and subsequently had my position eliminated in Feb 2023.
[email protected]
I was affected by the Highmark data breach as well as my wife.
I was affected by this data breach
I was notified a while back that my information was part of the data breach. I have never heard any more about it. It happened a week or two after I had saw a,doctor in Delaware. Can you please provide me more information on how to join a class action lawsuit if there is one?
I was affected by this.
Both of my parents were effected.
Add me
I have been affected