fbpx

Accutech Systems Exposure of Customer PII in Data Breach Class Action

Data breaches are happening all too often nowadays. This is yet another such class action, with the complaint alleging that Accutech Systems Corporation did not take adequate measures to secure and safeguard the personally identifiable information (PII) stored in its systems.

A class and a subclass have been defined for this action:

  • The Nationwide Class for this action is all individuals in the US whose PII or financial information was exposed to unauthorized third parties in the data breach that took place on August 16, 2021.
  • The California Subclass is all those in California whose PII or financial information was exposed to unauthorized third parties in the data breach that took place on August 16, 2021.

According to the complaint, Accutech failed to prevent “the massive and preventable cyberattack that occurred on August 16, 2021, by which cybercriminals infiltrated [Accutech’s] inadequately protected network servers and accessed highly sensitive PII and financial information which was being kept unprotected…”

Accutech offers trust accounting and wealth management services. It therefore stores a great deal of customer financial information. Among the information it collects are names, addresses, and Social Security numbers. The complaint alleges that it has been “obtaining, collecting, using, and deriving a benefit from” this information in operating its business.

The cyberattack took place in August 2021, but the complaint alleges that Accutech only found out what information had been accessed on December 27, 2021, at which point it discovered that “an unknown actor” had gotten access to an employee’s e-mail. The complaint alleges that the company did not begin notifying the victims whose PII had been stolen until January 11, 2022.

According to the complaint Accutech had “obligations created by reasonable industry standards, common law, state statutory law, and its own assurances and representations” to protect the PII it stored and to keep it out of the hands of unauthorized parties.

“Despite this,” the complaint alleges, the victims “remain, even today, in the dark regarding what particular data was stolen, the particular malware used, and what steps are being taken, if any, to secure their PII and financial information going forward. [The victims] are left to speculate as to the full impact of the Data Breach and how exactly [Accutech] intended to enhance its information security systems and monitoring capabilities so as to prevent further breaches.”

The complaint quotes the Data Breach and Encryption Handbook as saying, “[i]n almost all cases, the data breaches that occurred could have been prevented by proper planning and the correct design and implementation of appropriate security solutions.” Also, it says, “Organizations that collect, use, store, and share sensitive personal data must accept responsibility for protecting the information and ensuring that it is not compromised…”

Article Type: Lawsuit
Topic: Privacy

Most Recent Case Event

Accutech Systems Exposure of Customer PII in Data Breach Complaint

February 15, 2022

Data breaches are happening all too often nowadays. This is yet another such class action, with the complaint alleging that Accutech Systems Corporation did not take adequate measures to secure and safeguard the personally identifiable information (PII) stored in its systems.

Accutech Systems Exposure of Customer PII in Data Breach Complaint

Case Event History

Accutech Systems Exposure of Customer PII in Data Breach Complaint

February 15, 2022

Data breaches are happening all too often nowadays. This is yet another such class action, with the complaint alleging that Accutech Systems Corporation did not take adequate measures to secure and safeguard the personally identifiable information (PII) stored in its systems.

Accutech Systems Exposure of Customer PII in Data Breach Complaint
Tags: Exposing Private Information, Exposure to cyber crime, Your Privacy