The nation's second largest health insurance company was sued on Thursday after an alleged cyber attack released millions of customers' personal information.

Susan Morris filed the lawsuit against Anthem, Inc., and Blue Cross of California, a subsidiary of Anthem, alleging the security breach exposed damaging information belonging to customers.

Anthem announced this month that the attack potentially exposed private information belonging to its 37.5 million subscribers and the 68 million customers enlisted under one of its affiliates.

The suit alleged that the breach should not have been a surprise to Anthem because the company's track record showed that it had shoddy security protocols. 

Anthem has told media outlets that the company found out about the attack on Jan. 27, but it could go back as far as Dec. 10. Information stolen included Social Security numbers, names, addresses and birthdays. Medical records and credit card information didn't appear to be a part of the attack.

The lawsuit seeks class status for anyone who was an Anthem customers between Dec. 10 and Feb. 4., and more than $5 million in damages plus court costs.

Morris is represented by Aashish Y. Desai, of the Desai Law Firm, P.C., in Austin, Texas.

United States District Court Central District of California case number 8:15-cv-00196.

More News