PurFoods, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

PurFoods, LLC, operating under the brand name Mom’s Meals, experienced a significant data breach affecting 1,237,681 individuals. This breach occurred due to a cyberattack that took place between January 16 and February 22, 2023. The attackers deployed ransomware to encrypt files on the company’s network. Although direct evidence of data theft was not confirmed, the presence of tools that could facilitate the unauthorized transfer of data means that the exfiltration of data cannot be ruled out[1][3][4].

The compromised data includes a wide range of personally identifiable information (PII) and protected health information (PHI), such as names, Social Security numbers (for less than 1% of the affected individuals, mostly internal to PurFoods), driver’s license numbers, state identification numbers, financial account and payment card information, medical record numbers, health information, treatment information, diagnosis codes, meal categories and costs, health insurance information, and patient ID numbers[1][3][4].

PurFoods began notifying impacted individuals by U.S. Mail on August 25, 2023, offering 12 months of complimentary credit monitoring services. The company has also taken steps to strengthen its network security to prevent similar incidents in the future[3].

In response to the breach, a lawsuit was filed against PurFoods in the U.S. District Court for the Southern District of Iowa, alleging negligence, breach of implied contract, and other claims. The lawsuit accuses PurFoods of failing to adequately secure its network, resulting in the data breach, and of delaying the notification process to the affected individuals[1].

This incident has attracted the attention of law firms investigating claims against PurFoods for potential compensation for those affected by the breach[6][7]. The breach has raised concerns about the security practices at PurFoods and the potential risks to the privacy and financial well-being of the individuals whose information was compromised.

Citations:

  1. https://www.hipaajournal.com/purfoods-sued-1-2-million-record-moms-meal-data-breach/
  2. https://omaha.com
  3. https://www.purfoods.com/notice-of-data-event/
  4. https://www.malwarebytes.com/blog/news/2023/08/meal-delivery-service-purfoods-announces-major-data-breach
  5. https://www.jdsupra.com/legalnews/mom-s-meals-parent-company-announces-4896182/
  6. https://www.globenewswire.com/news-release/2023/08/30/2734659/0/en/Lynch-Carpenter-LLP-Investigates-Claims-in-PurFoods-LLC-Data-Breach.html
  7. https://www.msdlegal.com/blog/2023/08/purfoods-llc-data-breach-class-action-investigation/
  8. https://www.zoominfo.com/c/moms-meals/151389001
  9. https://apps.web.maine.gov/online/aeviewer/ME/40/c7ad1c53-6e20-41d8-8fb6-f1ccd0e3e0cc.shtml
  10. https://www.bleepingcomputer.com/news/security/moms-meals-discloses-data-breach-impacting-12-million-people/
  11. https://news.bloomberglaw.com/privacy-and-data-security/moms-meals-hit-with-suit-over-data-breach-affecting-1-2-million
  12. https://www.turkestrauss.com/2023/08/26/purfoods-data-breach-investigation/
  13. https://www.myinjuryattorney.com/purfoods-llc-data-breach-investigation/
Breach Submission Date Aug 25, 2023
Converted Entity Name PurFoods, LLC
Converted Entity Type Healthcare Provider
State IA
Individuals Affected 1,229,333
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes