As a large employer, Parker Hannifin collects and maintains a good deal of information on the individuals who work for it. But the complaint for this class action alleges that it suffered a data breach because it did not comply with “commonly accepted security standards” and thereby compromised the personally identifying information (PII) it held on its employees.
The Nationwide Class for this action is all persons whose PII was maintained on Parker Hannifin Corporation’s servers that were compromised in the data breach.
According to the complaint, Parker is a worldwide technology company that should be well aware of the many data breaches that have occurred throughout the country and of its responsibilities for protecting the PII it holds.
The complaint quotes the company’s Privacy Policy from a section entitled Data Minimization and Retention: “Only the Personal Data that is necessary for a legitimate business reason or as required by applicable laws or regulations (the ‘Purpose’) should be collected and Processed. When the Purpose for the Personal Data has ended or is no longer relevant, the Personal Data should be deleted…”
The Privacy Policy, as quoted in the complaint, also promises: “Parker takes reasonable precautions to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.”
Even so, the complaint alleges, Parker suffered a data breach. On May 13, 2022, Parker announced it was undertaking an investigation with a third-party forensic investigation firm. It determined that an unauthorized party gained access to Parker’s systems between March 11 and 14, 2022.
The complaint alleges that the company “did not state why it was unable to detect the unauthorized individuals accessing [Parker’s] servers” or “why it waited for nearly two months before notifying affected employees.”
The information accessed or stolen, the complaint claims, may have included names, Social Security numbers, dates of birth, driver’s license or passport numbers, financial information including bank account numbers, and health insurance information.
Also, the complaint alleges that the information of employees’ dependents may have been accessed as well. According to the complaint, the information of minors may be more valuable than that of adults.
The Federal Trade Commission (FTC) publishes guidelines on information security and the protection of PII for businesses. The complaint alleges, “The FTC has brought enforcement actions against businesses for failing to adequately and reasonably protect customer information, treating the failure to employ reasonable and appropriate measures to protect against unauthorized access to confidential consumer data as an unfair act or practice prohibited by Section 5 of the Federal Trade Commission Act…”
Article Type: LawsuitTopic: Privacy
Most Recent Case Event
Parker Hannifin Compromise of Employee Data Complaint
June 3, 2022
As a large employer, Parker Hannifin collects and maintains a good deal of information on the individuals who work for it. But the complaint for this class action alleges that it suffered a data breach because it did not comply with “commonly accepted security standards” and thereby compromised the personally identifying information (PII) it held on its employees.
Parker Hannifin Compromise of Employee Data ComplaintCase Event History
Parker Hannifin Compromise of Employee Data Complaint
June 3, 2022
As a large employer, Parker Hannifin collects and maintains a good deal of information on the individuals who work for it. But the complaint for this class action alleges that it suffered a data breach because it did not comply with “commonly accepted security standards” and thereby compromised the personally identifying information (PII) it held on its employees.
Parker Hannifin Compromise of Employee Data Complaint