class action U logo
Sign Up For a Data Breach Invesitgation
UPDATED:    March 12, 2025

Imagine360 Data Breach Lawsuit

Data Breach Summary

Imagine360

Who Was Affected
Patients and employees of Imagine360
Impacted Data
Names, dates of birth, address, Social Security numbers, financial Information, medications, patient ID number, health insurance information provider name and treatment details, date of birth, driver’s license number, and diagnosis or medical condition Lab results
Date of Breach
May 10, 2024, to May 16, 2024
Have you been affected by Imagine360's data breach?
CLICK HERE TO SIGN UP

Imagine360, an insurance company specializing in health plan solutions for self-funded businesses, discovered on January 24, 2025, that an unauthorized party had accessed an employee’s email account. The incident was disclosed in a filing with the Montana Attorney General.

Imagine360 Data Breach Details

The breach occurred on May 10, 2024, and May 16, 2024, but was not identified until months later, raising concerns about data security protocols and response times.

According to Imagine360, an employee’s email account was accessed without authorization on two separate occasions in May 2024. The company launched an investigation upon discovering the breach and conducted a comprehensive review of the affected emails. Although there is no evidence that the emails were downloaded or copied, the exposure of sensitive information remains a significant privacy risk.

History of Previous Data Breaches

Imagine360 has previously been targeted in cybersecurity incidents. In 2023, the company suffered two separate breaches involving its file-sharing platforms.

The first incident occurred around January 30, when unusual activity was detected within Imagine360’s Citrix file-sharing system, which is used to securely manage data related to self-insured health plans. In response, the company swiftly took the platform offline, reset passwords, and launched an investigation to assess the extent of the breach.

While investigating the Citrix breach, a second attack occurred through a separate file-sharing system, Fortra’s GoAnywhere Transfer solution. A previously unknown vulnerability in the platform was exploited by an unauthorized actor—later identified as the Clop ransomware group—who gained access and extracted sensitive information. Fortra confirmed that the breach was the result of a zero-day vulnerability being exploited.

In response to the recent breach, Imagine360 is offering affected individuals with free identity protection services for either one or two years. Instructions on how to activate these services are provided in the company’s official notification.

What Information Was Compromised?

The compromised data may include:

  • Full names
  • Social Security numbers
  • Addresses
  • Dates of birth
  • Medical diagnoses and treatment details
  • Health insurance information

How to Know if You Were Affected

If you received a data breach notification from Imagine360, your personal information may have been compromised. While most victims are officially notified through a “Notice of Data Breach” in the mail, the consequences—such as fraudulent transactions and identity theft—can begin long before the notice arrives.

Steps to Take if You Were Affected by the Imagine360 Data Breach

Stay Alert for Phishing Scams
Scammers may exploit the data breach by posing as Imagine360. Be cautious of unexpected emails, texts, or calls requesting personal information. When in doubt, verify communications directly with the company through official channels.

Monitor Your Credit and Financial Accounts
Regularly check your bank statements, credit card activity, and credit reports for unauthorized transactions. Set up account alerts to detect suspicious activity early. Take advantage of free credit reports and review them carefully for unfamiliar accounts or discrepancies.

Consider Freezing Your Credit
For added security, request a credit freeze from all three major credit bureaus. This prevents new accounts from being opened in your name while still allowing you to use existing credit. You can temporarily lift the freeze when necessary if applying for credit.

Class Action U, in partnership with KO Lawyers, is helping individuals affected by the Imagine360 data breach explore their legal options. If your personal information was compromised, you may be eligible for compensation.

How Class Action U Can Help

Class Action U is committed to empowering consumers to take collective legal action against corporations that fail to protect sensitive data. By joining a class action lawsuit, affected individuals can pursue compensation efficiently while holding Imagine360 accountable for their negligence.

Potential compensation may cover:

  • Loss of privacy
  • Time spent addressing the breach
  • Out-of-pocket expenses
  • Emotional distress

A successful lawsuit could also compel Imagine360 to strengthen their security measures and prevent future breaches. Contact Class Action U today to determine your eligibility for a data breach class action lawsuit and explore the compensation that may be available to you.

HOME

Related Posts

class action u logo
  • Follow Us

Stay Updated on Active Class Actions

This field is for validation purposes and should be left unchanged.

©2024 ClassActionU