365 Data Centers Ransomware Attack and Outage Class Action

The defendant in this case, 365 Data Centers Services, LLC, provides what the complaint for this class action calls hybrid data services to other businesses. Unfortunately, on May 14, 2022, 365 suffered a ransomware attack that caused its entire cloud network to shut down and destroyed its clients’ data and infrastructure. The complaint alleges that 365 did not secure its systems and data from cyberattacks, causing them ongoing losses and possible legal liability.

The Nationwide Class is all individuals and businesses who are clients of 365 Data Centers who experienced disruptions in service or were otherwise affected by the ransomware attack against 365 Data Centers that began on May 14, 2022. A Nationwide Subclass has also been defined for all such individuals and businesses located in the US.

According to the complaint, 365 offers small and medium-sized businesses colocation (rented space for servers and other hardware), network connectivity and IP services (on how data packets move through a network), cloud services (services made available from cloud computing providers’ servers), and other services. These kinds of services help businesses do serve their customers and do what they need to do online.

The complaint quotes 365’s website as saying that, through its “nationwide network backbone, 365 delivers low latency service, lower transport costs and supports disaster backup plans” and that, among other things, it promised its clients “Disaster Recovery as a Service” as well as “Comprehensive cloud or hybrid backup solutions.” The complaint alleges it also claimed “365 Data Centers delivers a cloud-ready, secure disaster recovery solution for mission-critical applications.”

Despite these and other promises, the complaint alleges, “The Ransomware Attack permanently prevented access to [365’s] cloud infrastructure and [365] contends that the entire infrastructure must now be rebuilt. The Ransomware Attack and its consequences have prevented and will continue to prevent 365’s clients, and the customers of those clients, from conducting any type of routine and ordinary business.”

The complaint claims that 365’s clients “could not access their websites, customer portals, and other critical information technology infrastructure … supported by 385’s network systems, thereby causing significant business interruption and disruption and lost revenues.” The disruptions continue as of the May 27, 2022 date of filing of this class action.

According to the complaint, 365 failed to implement the measure recommended by the US government and the US Cybersecurity & Infrastructure Security Agency and failed to comply with Federal Trade Commission guidelines.

The complaint alleges that 365’s “wanton, willful, and reckless disregard caused a complete and total interruption of service, and further caused Plaintiff and Class Members monetary and other damages.”

Article Type: Lawsuit
Topic: Contract
Tags: Breach of Contract, Deceptive Advertising, Negligence, Ransomware Attack