After hackers compromised information for nearly 80 million Anthem customers earlier this month, the nation's second-largest insurer is being hit with lawsuits across the country.
A central Florida law firm, Morgan & Morgan, filed a proposed class action against the Indiana-based insurer Tuesday, reported the Orlando Sentinel.
The lawsuit claims that, because the insurer neglected to encrypt its data, the information went unprotected. However, no law states that such data must be encrypted, and many companies use this to their advantage to make that data more accessible, the article added.
"I believe this is the most significant data breach yet," John Yanchunis, lead attorney on the case, told the paper. While Florida was not included in the states where the data breach was most severe, the lawsuit applies only to Florida customers of Anthem.
Elsewhere, a lawsuit in Denver was filed Wednesday in the U.S. District Court, alleging that residents' personal information was compromised during the attack, reported the Denver Post. Anthem sells plans in Colorado as Anthem Blue Cross and Blue Shield.
The lawsuit claimed that personal information of a client, Mary Mellon, was stolen around Dec. 10, 2014 but went undiscovered until Jan. 27, 2015.
Additionally, the lawsuit mentioned that, had Mellon thought her private information was so "susceptible to leaks," she would not have overpaid for her premiums; she did so thinking Anthem would keep her information safe.
Now, in light of this recent breach, federal officials plan to review whether HIPAA should require encryption, FierceHealthIT recently reported. At the same time, Anthem said hackers gained access to employee credentials, which is a bigger security issue that whether or not member data was encrypted.