While recent searches have not turned up a verified class action lawsuit claiming that Hims sold customer ED prescription history to insurance risk assessment companies, Hims and Hers Health has faced multiple confirmed legal challenges related to data privacy and marketing practices since 2022. The company did face serious allegations of leaking sensitive patient medical information to Facebook, Google, TikTok, and other tracking platforms—a breach discovered through investigations by The Markup and documented by law firms handling class actions. Additionally, securities fraud lawsuits were filed in June 2025 alleging false statements about GLP-1 weight loss products, and the company’s partnership with Novo Nordisk was terminated in June 2025 after allegations of deceptive promotion. This article clarifies what is confirmed about Hims’ legal troubles, explains the distinction between verified settlements and unsubstantiated claims, and provides guidance for consumers trying to determine whether they may have valid claims against telemedicine providers.
Table of Contents
- What Data Privacy Issues Has Hims Actually Faced?
- The June 2025 Securities Fraud Claims Against Hims
- The Difference Between Verified Lawsuits and Unverified Claims
- How Telemedicine Companies Share Patient Data
- What Consumers Need to Know About Unverified Claims
- How to Verify Hims Class Action Claims
- What’s Next for Hims Legal Claims and Consumer Protection
What Data Privacy Issues Has Hims Actually Faced?
Hims’ confirmed data privacy problem involves the company leaking sensitive medical information through tracking pixels embedded on its website and mobile app. These pixels sent patient health details to major technology and advertising companies including Facebook, Google, and TikTok—without explicit patient consent. The Markup, a nonprofit investigative journalism outlet, documented this breach and found that patients’ erectile dysfunction, birth control, and other sensitive prescriptions were being transmitted to ad networks.
Law firms including the Lyon Firm have pursued class action litigation around this data sharing, claiming it violated consumer privacy expectations and potentially breached federal telemedicine regulations. Unlike the unverified ED prescription history claim, this data privacy exposure has been independently verified by journalists and documented in litigation filings. However, if you purchased ED medications through Hims and are trying to determine whether you’re affected, the key detail is whether the company’s tracking pixels were active during the time you used their services—this is something class action settlements typically address through class definitions based on purchase dates.
The June 2025 Securities Fraud Claims Against Hims
In June 2025, securities class actions were filed against Hims and Hers Health alleging the company made false public statements about its GLP-1 weight loss products, not about ED prescriptions. The catalyst came when Novo Nordisk—the pharmaceutical company behind Wegovy—terminated its partnership with Hims on June 23, 2025, specifically citing “deceptive promotion and selling of illegitimate, knockoff versions of Wegovy.” This allegation is significant because Hims promoted itself as offering access to weight loss medications, but the securities suits claim these weren’t legitimate Novo Nordisk products.
Unlike the data privacy litigation, which affects anyone who used Hims’ platform, securities fraud claims typically require that you purchased securities (stock) in Hims during the relevant period and held them through the correction—meaning you suffered financial loss. A critical limitation here is that securities litigation is distinct from consumer claims; even if you bought ED medications, you wouldn’t have standing in a securities fraud case unless you also owned company stock.
The Difference Between Verified Lawsuits and Unverified Claims
When evaluating whether a specific class action lawsuit exists, it’s important to distinguish between claims that appear in established legal databases, news coverage from reputable outlets, and unsubstantiated allegations circulating online. The data privacy investigation by The Markup was corroborated by multiple law firms and resulted in documented class action filings. The Novo Nordisk partnership termination was confirmed by both companies in official statements and reported by major news outlets including US News.
By contrast, the specific allegation that Hims sold ED prescription history to insurance risk assessment companies does not appear in current news coverage, published court documents, or major class action tracking databases. This doesn’t necessarily mean the claim is false—it could be very recent, contained in sources not yet widely indexed, or still in early investigation stages—but it does mean consumers should verify through official channels (like the Federal Judicial Center or class action settlement websites) before assuming they have a claim. A practical warning: if you see claims about Hims lawsuits on sites that also sell legal leads or solicit clients aggressively, verify independently through official court records before sharing your information.
How Telemedicine Companies Share Patient Data
The broader context behind Hims’ data privacy violations involves how telemedicine platforms collect and monetize patient information. Unlike traditional pharmacies, which operate under strict HIPAA regulations for in-person services, telemedicine companies operate in a gray area where they function partially as tech platforms and partially as healthcare providers. This dual nature creates opportunities for companies to install tracking pixels, use patient data for advertising targeting, and sell anonymized (or poorly anonymized) health information to third parties.
Facebook and Google’s tracking pixels on healthcare websites are common industry practice, but they create a compliance risk: HIPAA technically doesn’t regulate the telemedicine platform’s use of advertising pixels if the data is sent to third parties before being de-identified. However, if the company fails to properly de-identify the data or doesn’t obtain adequate patient consent, they can face federal FTC enforcement, state consumer protection lawsuits, and class actions. The comparison between Hims’ data privacy violation and the unverified ED prescription claim is instructive: data privacy breaches happen through technical infrastructure that’s often easy to document, while claims about intentional sale of prescription histories to insurance companies would require direct evidence of a business transaction and contractual relationship.
What Consumers Need to Know About Unverified Claims
If you encounter claims about a Hims class action lawsuit that you can’t verify independently, there are several warning signs to watch for. First, be cautious of websites that present unverified allegations as established facts or that use urgent language (“act now or lose your claim”). Legitimate class action settlements are tracked by courts, announced through official settlement websites, and documented in SEC filings if they involve public companies.
Second, verify any specific claims through the Federal Judicial Center’s class action database or by contacting the law firm’s website directly—call their main office number rather than clicking links from unverified sources. Third, understand that telemedicine companies’ data practices are evolving; just because a lawsuit hasn’t been filed yet doesn’t mean a practice won’t eventually trigger legal action, but it also means unsubstantiated rumors shouldn’t drive decision-making. A limitation of the data privacy litigation is that settlements for data breaches typically award modest per-person compensation ($5-50 per class member in many cases) because actual damages are difficult to quantify, especially when the data was “only” shared with ad networks rather than sold to third parties or used for fraudulent identity theft.
How to Verify Hims Class Action Claims
To determine whether you have a legitimate claim against Hims, start by identifying which incident affects you. If you purchased medications through Hims between 2022 and 2024 (the period covered by the data privacy litigation), you may be part of a data breach class. If you purchased ED medications specifically during the alleged deceptive marketing period (if and when such claims are substantiated), you would need documentation of your purchase.
For securities claims, you need proof of stock ownership during the relevant period. Most verified Hims lawsuits include settlement websites where class members can submit claims—these are always hosted on official law firm domains or court-managed settlement sites, never on third-party lead generation sites. As an example, if a legitimate settlement exists for Hims’ data privacy breach, the settlement website would provide a specific claims deadline, instructions for submitting purchase receipts or account statements, and a detailed class definition explaining exactly which customers qualify. Always verify the settlement website URL independently by searching for “[Law Firm Name] Hims Settlement” rather than clicking links from social media or unvetted sources.
What’s Next for Hims Legal Claims and Consumer Protection
As of March 2026, the most active Hims litigation involves the data privacy claims and the aftermath of Novo Nordisk’s partnership termination. Future litigation may address additional allegations if investigations uncover new evidence, but relying on speculative or unverified claims is counterproductive for consumers trying to protect themselves.
The broader trend in telemedicine regulation suggests that federal agencies (FTC, FDA, HHS) are increasingly scrutinizing how digital health companies handle patient data, which may result in new enforcement actions and settlements. For consumers, the lesson is clear: monitor your accounts with Hims for suspicious activity, review privacy policies before signing up with any telemedicine service, and use independently verified claim databases to track legitimate lawsuits rather than relying on unconfirmed internet rumors. If you believe you’ve been harmed by a telemedicine company’s practices, the most reliable path forward is to contact established class action law firms directly or file a complaint with your state’s attorney general.