American Bar Association data breach class action overview:
- Who: An American Bar Association account holder is suing the association.
- Why: The plaintiff says the association is responsible for a data breach that exposed up to 1.4 million members’ data.
- Where: The American Bar Association data breach class action lawsuit was filed in a New York federal court.
- What are my options: Norton LifeLock carries many options when it comes to data security.
An American Bar Association account holder is suing the association alleging the association is responsible for a data breach that exposed up to 1.4 million members’ data.
Plaintiff Tiffany Troy filed the class action lawsuit against the American Bar Association (ABA) on April 21 in a New York federal court, alleging negligence.
According to the lawsuit, the ABA failed to secure and safeguard its members’ personal data, including name, address, email address, and phone number.
Thanks to this alleged negligence, on March 17, 2023, a hacker gained access to up to 1.4 million members’ data, the lawsuit states.
Troy says the breach was caused and enabled by the ABA’s “knowing violation” of its obligations to abide by best practices and industry standards in protecting customers’ personal information.
“Defendant grossly failed to comply with security standards and allowed its customers’ financial information to be compromised, all in an effort to save money by cutting corners on security measures that could have prevented or mitigated the Breach,” the lawsuit states.
Those affected were not advised in a timely manner, lawsuit states
According to the lawsuit, ABA’s security failures enabled the hackers to steal personal and financial data from it and put plaintiffs’ financial information at serious and ongoing risk.
“The hackers continue to use the information they obtained as a result of Defendant’s inadequate security to exploit and injure Class members across the United States,” the lawsuit states.
After the hack, those who were affected were not advised in a timely manner, the lawsuit further alleges.
As a result, Troy is suing on behalf of anyone in the United States who registered an account with ABA, plus a New York subclass and a consumer fraud subclass.
The plaintiffs are suing for breach of implied contract and violations of New York Deceptive Acts and Practices Law and seek certification of the class action, damages, fees, costs and a jury trial, as well as three years of credit card monitoring for affected parties.
Meanwhile, Google Fi, Pepsi Bottling Ventures, Reddit, Weee! and the U.S. Marshals Service recently disclosed or confirmed data breaches, while Activision Blizzard has been accused of recently suffering a data breach.
Were you affected by this ABA data breach? Let us know in the comments.
The plaintiff is represented by Aaron Schweitzer of Troy Law PLLC.
The American Bar Association class action lawsuit is Tiffany Troy, et al. v. American Bar Association, Case No. 1:23-cv-03053 in the U.S. District Court for the Eastern District of New York.
