American Osteopathic Association Data Breach Prompts Investigation into Class Action Lawsuit

Console & Associates, P.C. Investigates Possible Class Action Lawsuit Against the American Osteopathic Association Following Data Breach
MARLTON, N.J. - Jan. 27, 2022 - PRLog -- Recently, the law firm of Console & Associates, P.C. opened an investigation into the recent American Osteopathic Association data breach to determine the legal remedies of those affected by the breach. If evidence turns up indicating that the American Osteopathic Association failed to take the necessary steps to protect consumers' data or otherwise mishandled consumers' sensitive information, the organization may be financially liable through a data breach class action lawsuit.

A data breach is often the result of a cyberattack, where an unauthorized party hacks into an organization's IT systems. In most cases, the data accessed through a breach is either retained by the party conducting the cyberattack or sold to another party. In either case, affected consumers are at an increased risk of experiencing identity theft or financial losses.  While the investigation into the American Osteopathic Association's data-privacy practices is ongoing, the breach raises questions about the organization's efforts to keep consumer data secure. If evidence emerges that the American Osteopathic Association mishandled or failed to protect consumer data leading up to the breach, affected parties may be eligible for financial compensation through a class action lawsuit.

Attorney Richard Console explains, "It's easy to place all the blame for a data breach on the person who hacks into an organization's system; however, this ignores the legal and moral obligation that these organizations owe to customers. When someone gives an organization their business, they trust that the information in the organization's possession will remain private—and out of the hands of criminals. While protecting consumer data requires an organization to undergo some effort and expense, in our current environment of widespread hacking, this is a cost of doing business that all organizations must take seriously."

According to their consumer notice, on June 25, 2020, the American Osteopathic Association first noticed suspicious activity on some of its servers. In response, the American Osteopathic Association worked with a third-party cyber-security firm to investigate the incident. It was determined that certain consumer data was removed from the organization's servers. However, due to the burdens imposed by the COVID-19 pandemic, the Association did not discover the full list of affected parties until the following year. Eventually, the investigation revealed that the sensitive information of nearly 27,500 individuals was compromised. This data includes:
  • Full names,
  • Social Security numbers, and
  • Financial Account Information.
The American Osteopathic Association notes that, to date, there have been no reports that the unauthorized third party used or intends to use the data obtained through the cyberattack. However, an investigation is ongoing. On July 1, 2021, the company sent data breach notifications to all affected parties, informing them of the breach and what they can do to protect themselves.

If it turns out that American Osteopathic Association did not adequately protect the privacy of consumers' data, affected patients may be able to name American Osteopathic Association in a class action data breach lawsuit.

While the investigation into the breach is ongoing, those in receipt of a data breach letter from the American Osteopathic Association should take the following steps to protect themselves:
  1. Carefully review the letter sent by American Osteopathic Association;
  2. Retain a copy of the data breach notification letter;
  3. Enroll in the free credit monitoring service provided by American Osteopathic Association;
  4. Change all passwords and security questions to online accounts;
  5. Frequently review all credit card and bank account statements for any signs of fraud or unauthorized activity;
  6. Monitor credit reports for any unexpected changes or signs of identity theft;
  7. Contact a credit bureau to request a temporary fraud alert; and
  8. Notify all banks and credit card companies of the data breach.
To learn more about this data breach, please visit

Console & Associates P.C. is dedicated to advancing consumers' privacy interests at every opportunity. The firm investigates all types of data breaches, ransomware attacks and other network intrusions to determine the legal rights of consumers who trusted corporations with their sensitive information. Console & Associates, P.C. can be reached through the firm's website at


Like PRLog?
Click to Share