Exposing Private Information
When data breaches happen, it’s important that companies discover them promptly, put an end to them promptly, and just as promptly let customers know. This data breach class action, against Starwood Hotels & Resorts and its parent company, Marriott International, Inc., claims that hackers had access to customer data for four years and that the companies waited for more than two months before publicizing the breach when they discovered it.
Data breaches are bad enough. But when a company does not promptly tell customers that their information has been exposed, people get angry. The complaint for this class action alleges that Five Below, Inc. suffered a data breach and waited for a month before telling its customers.
On July 17, 2015, the Regents of the University of California revealed that UCLA Health had suffered a cyber intrusion, although it is unclear whether the attackers accessed or removed information in the network. The resulting class action, which alleged that cybersecurity was inadequate, is being resolved by this settlement.
Taconic Biosciences, Inc. is settling a class action concerning a data breach that occurred around the end of January 2017. The complaint alleged that the company was negligent, among other things, and that that led to the exposure of employee W-2 information.
Kimpton Hotel & Restaurant Group, LLC is settling a class action centering on a data breach that took place from February 16 to July 7, 2016. The attack installed malware on servers that processed payment cards, taking card numbers, expiration dates, and verification codes, and in some cases cardholder names as well.
This class action concerns Americans working in a Joint Defense Facility Pine Gap (JDFPG) in Alice Springs, Northern Territory, Australia. The complaint alleges that private tax information was illegally disclosed to their employers, and that the employees were later coerced into agreeing to disclosure of their tax information, to ensure that they were completing their returns as their employers wished.
Community Health Systems Professional Services Corporation (CHSPSC) is settling a suit consolidating a number of class actions about a data breach in its systems in April and June 2014. The breach is believed to have been perpetrated by an Advanced Persistent Threat group originating in China.
This settlement resolves a class action that alleged that Sonic Corporation did not take adequate measures to prevent a data breach that occurred during 2017, exposing customer information.
A fund of $2 million is the result of a settlement between Arby’s Restaurant Group, Inc. and plaintiffs who filed a class action about an Arby’s data breach. The cyberattack targets certain corporate-owned Arby’s restaurants and exposed customer payment card information. The complaint alleges that Arby’s was responsible for the data breach.
Experian is putting aside $22 million to settle a class action regarding a data breach that took place in September 2015. The complaint alleged that Experian did not take adequate precautions to prevent the data breach, which exposed the personal information of approximately 15 million T-Mobile customers who applied for services or device financing through September 16, 2015.