LifeLabs facing proposed class action over data breach affecting up to 15M clients
TORONTO – A proposed class action lawsuit has been filed against medical services company LifeLabs over a data breach that allowed hackers to gain access to the personal information of up to 15 million customers.
In an unproven statement of claim filed in Ontario Superior Court on Dec. 27, lawyers Peter Waldmann and Andrew Stein accuse Lifelabs of negligence, breach of contract and violating their customers’ confidence as well as privacy and consumer protection laws.
They allege LifeLabs’ failure to adequately safeguard their customers’ personal information breached the company’s own privacy policy and led to the release of names, addresses, emails, customer logins and passwords, health card numbers and lab test results.
The class action, which has yet to be certified, asks for more than $1.13 billion in compensation for Lifelabs’ clients, who they say experienced repercussions including damage to their credit reputation, wasted time and inconvenience, and mental distress.
LifeLabs chief executive Charles Brown apologized earlier this month for the breach, which led the company to pay a ransom to retrieve the data.
The company also assured the public that its consultants have seen no evidence that data from LifeLabs has been trafficked by criminal groups that are known to buy and sell such data over the internet.