Companies often keep not just the information of their employees but also the information of prospective employees who have applied to work there. The complaint for this class action alleges that Marten Transport, Ltd. did not properly secure and safeguard personally identifiable information (PII) of employees and job applicants, and did not give them complete information about the resulting data breach in a timely manner.
The class for this action is all US residents whose PII was or could have been accessed during the security incident that is the subject of the Notice of Data Breach that Marten sent out.
Marten is a freight carrier and logistics company that has a fleet of more than 3,000 refrigerated trucks. The complaint alleges that Marten keeps information on its employees even after they have severed their relationship with the company, and on job applicants even if they are never hired by the company.
The complaint alleges that all this information was available to cybercriminals between September 30 and October 4, 2021, due to Marten’s inadequate protection of it. A cyber gang called Hive claimed responsibility for the breach.
In March 2022, Marten confirmed that the PII of more than 35,000 individuals had been exposed. According to the complaint, the company also took this much time to begin notifying the attorneys general of various states about the data breach. The complaint alleges, “The submission of notification to the California Attorney General is particularly notable because it indicates that the PII involved in the Data Breach was unencrypted on [Marten’s] system when accessed by the cybercriminals.”
The complaint alleges that when Marten collected and stored the information of these individuals, it also accepted “legal and equitable duties” towards those people. According to the complaint, “This PII was compromised due to [Marten’s] negligent and/or careless acts and omissions and the failure to protect the PII…” It says Marten “has also purposefully maintained secret the specific vulnerabilities and root causes of the Data Breach and has not informed” the victims of that information.
Marten failed in its duties, the complaint claims, to adequately protect the information, to warn those whose information it stored of its inadequate safety practices, and to take reasonable and effective measures to secure the information. Marten, it says, also failed to take adequate steps and follow appropriate procedures to encrypt data.
As a result of all this, the complaint claims, debit card information for the plaintiff in this case, Scott Linman, was exposed and around $140 was taken from his bank account. Linman had applied to work at Marten but ultimately did not accept its job offer.
Article Type: LawsuitTopic: Privacy
Most Recent Case Event
Marten Transport Employee and Job Applicant PII Exposed Complaint
April 11, 2022
Companies often keep not just the information of their employees but also the information of prospective employees who have applied to work there. The complaint for this class action alleges that Marten Transport, Ltd. did not properly secure and safeguard personally identifiable information (PII) of employees and job applicants, and did not give them complete information about the resulting data breach in a timely manner.
Marten Transport Employee and Job Applicant PII Exposed ComplaintCase Event History
Marten Transport Employee and Job Applicant PII Exposed Complaint
April 11, 2022
Companies often keep not just the information of their employees but also the information of prospective employees who have applied to work there. The complaint for this class action alleges that Marten Transport, Ltd. did not properly secure and safeguard personally identifiable information (PII) of employees and job applicants, and did not give them complete information about the resulting data breach in a timely manner.
Marten Transport Employee and Job Applicant PII Exposed Complaint