Truepill class action lawsuit overview:
- Who: Plaintiffs Charles Byrd and Vanessa Wilson filed a class action lawsuit against the digital pharmacy Postmeds Inc., which does business under the name Truepill.
- Why: Postmeds allegedly failed to adequately safeguard consumers’ sensitive data, which was compromised in the Truepill data breach at the end of August 2023.
- Where: The Truepill class action lawsuit was filed in California federal court.
Digital pharmacy Truepill’s negligence allowed the sensitive data of more than 2 million people to be compromised in a data breach, a recent class action lawsuit alleges.
Plaintiffs Charles Byrd and Vanessa Wilson claim Postmeds Inc., which does business under the name Truepill, failed to adequately safeguard customers’ personal information. The plaintiffs say they received a letter notifying them of the Truepill data breach via letters dated Oct. 30, 2023, nearly two months after the data breach was detected.
After the criminals accessed Truepill’s systems in late August 2023, the plaintiffs say they began experiencing suspicious activity and potential fraud. Wilson spent hours resolving unauthorized Venmo password changes, and Byrd experienced a significant increase in phishing emails, phone calls and text messages, according to the Truepill class action.
They say Truepill’s failure to notify them about the data breach deprived them of the ability to defend themselves against the risks in a timely manner.
Truepill data breach compromised sensitive personal and health data, plaintiffs say
Truepill fulfills mail-order prescriptions for a variety of online healthcare companies. The company assures customers that it takes data security “very seriously and has established security standards and procedures to prevent unauthorized access to patient information,” according to the Truepill class action.
Due to the nature of Truepill’s business, customers provide personal identifying information (PII) and protected health information (PHI) to the company. As a healthcare provider, Truepill owes a duty to protect and safeguard the data from unauthorized parties, the plaintiffs say.
However, cybercriminals accessed Truepill’s systems between Aug. 30 and Sept. 1, 2023 and allegedly had “unfettered access” to customers’ PII and PHI during this time.
“The [Truepill data breach] was directly and proximately caused by Postmeds’s failure to implement reasonable and industry-standard data security practices necessary to protect its systems from a foreseeable and preventable cyberattack,” the plaintiffs argue.
“Through this wrongful conduct, the sensitive PII and PHI of almost 2.4 million individuals is now in the hands of cybercriminals, who target this sensitive data for its value to identity thieves.”
As a result of the Truepill data breach, the plaintiffs allege they are at an increased risk of fraud, identity theft and other types of criminal mischief that could potentially affect them for the rest of their lives.
To mitigate the damage from the unauthorized access to PII and PHI, Truepill data breach victims must spend significant time, money and energy to protect themselves.
Byrd and Wilson seek to represent themselves and a proposed class of others who were affected by the Truepill data breach.
Another Truepill class action lawsuit was filed shortly after the data breach was announced.
Were you affected by the Truepill data breach? Tell us about your experience in the comments.
Byrd and Wilson are represented by Robert C. Schubert, Dustin L. Schubert and Amber L. Schubert of Schubert Jonckheer & Kolbe LLP.
The Truepill data breach class action lawsuit is Charles Byrd, et al. v. Postmeds Inc. d/b/a Truepill, Case No. 3:24-cv-00222, in the U.S. District Court for the Northern District of California, San Francisco/Oakland Division.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
4 thoughts onTruepill hit with another class action over data breach
Received a letter and no update since then
I received a letter from postmeds stating a breach had occurred. I called the number on the letter and started asking various questions. Non the woman could answer and in fact mentioned that the information she was providing was from a script and that she had no further information.
Please add me
Add me please