Medical device manufacturer Electromed has agreed to resolve claims concerning a June 2021 data breach and ransomware attack with an $850000 settlement. This attack compromised the health credentials of 47200 individuals. Individuals who were affected by the Electromed data breach and received a data breach notification letter will benefit from the terms of the settlement. A subclass of affected Californian individuals is included in the settlement.
Settlement website – ElectromedDataSettlement.com
Objection deadline – 01/03/2023
Exclusion deadline – 01/03/2023
Claim Form – https://lutzelectromed.claims-administrator.com/
Deadline for submitting the claim – 04/01/2023
Final Hearing date – 06/05/2023
Settlement amount – $825K
Potential claim amount – Up to $5,350
Proof of purchase – Documentation of data breach-related expenses.
Electromed is a medical device company having its headquarters in Minnesota. The company markets products like the Smartvest Airway Clearance System. In June 2021, the company discovered a ransomware attack wherein unauthorized parties gained access to the information of employees, customers, and other third-party contractors. The plaintiffs alleged that Electromed failed to protect sensitive credentials by proper enforcement of cybersecurity measures.
Despite not agreeing to any wrongdoing, Electromed has agreed to resolve the data breach allegations with a class action settlement to prevent growing legal costs and the uncertainty associated with trial. The attack was both detected and blocked on 16th June 2021. According to the forensic investigation, the files were both accessed and stolen by malicious parties. These files comprised the first and last names of customers, their medical information, mailing addresses, and health insurance information. Information like financial account information, driver’s license numbers, and Social security numbers of associates affected by the breach were exposed.
The individuals were informed about the ransomware attack in August following which they were offered complimentary identity theft protection and credit monitoring services. The plaintiffs jointly filed a lawsuit against Electromed as the company failed to implement proper cybersecurity measures which could have protected customers’ data despite knowing about the growing threat of ransomware attacks.
An $850000 fund has been set up by Electromed which will cover the reimbursement claims that are related to the data breach. Class members are eligible for claims up to $250 which will reimburse their ordinary expenses including communication charges, bank fees, and up to 4 hours of lost time at $25 per hour. Eligible class members can submit claims for reimbursement of extraordinary losses arising out of fraud and identity theft that have been unreimbursed till now up to a maximum ceiling of $5000.
Other than the claims, the class members are also eligible to receive a cash payment of $30 while the residents of California are entitled to a cash payment claim of $100. All these payments will be made on a pro-rata basis once the settlement total is reached.