Startek, Inc. claims to offer “tech-enabled and human assisted digital solutions” related to the customer experience for other businesses. But the complaint for this class action alleges that the company did not provide adequate technical security for itself and its employees and that this negligence led to a cyberattack and data breach that exposed the personally identifiable information (PII) of its workforce.
The class for this action is all persons whose private information was maintained on Startek’s computer systems that were compromised in the data beach and who were sent a Notice of the Data Breach.
“On information and belief,” the complaint alleges, “in the course of collecting Private Information from employees … Startek promised to provide confidentiality and adequate security for employee data…” However, it claims that the recent data breach exposed employee names, Social Security numbers, and dates of birth to cyber-criminals.
The company has more than 40,000 employees in thirteen countries.
The company became aware of the cyberattack on December 23, 2021, the complaint alleges, although it determined that an unauthorized party had accessed it on June 26, 2021, almost a half a year before. The complaint alleges that the information stolen from Startek was not encrypted.
According to the complaint, PII was maintained in the company’s system “in a reckless manner” and “in a condition vulnerable to cyberattacks.” It suggests that the means of the cyberattack and potential for the data breach and disclosure of information were known to Startek and that Startek did not take the steps necessary to protect the information.
The complaint lays out what it alleges were the company’s failures: “failing to disclose that they did not have adequately robust computer systems and security practices to safeguard … Private Information; failing to take standard and reasonably available steps to prevent the Data Breach; and failing to provide [those whose information was exposed] prompt and adequate notice of the Data Breach.”
It adds, “Had [Startek] properly monitored its property, it would have discovered the intrusion sooner,” the complaint asserts.
The complaint claims, “In light of recent high[-]profile data breaches at other industry[-]leading companies…” the complaint alleges, “Startek knew or should have known that its electronic records would be targeted by cybercriminals. The complaint points to data breaches at other well-known companies, such as Microsoft, Wattpad, Facebook, and others, including one at Advanced Info Service which apparently exposed 8.3 billion records in May 2020.
In particular, the complaint alleges, “Social Security numbers … are among the worst kind of personal information to have stolen because they may be put to a variety of fraudulent uses and are difficult for an individual to change.”
Article Type: LawsuitTopic: Privacy
Most Recent Case Event
Startek Employee Information Stolen in Data Breach Complaint
January 28, 2022
Startek, Inc. claims to offer “tech-enabled and human assisted digital solutions” related to the customer experience for other businesses. But the complaint for this class action alleges that the company did not provide adequate technical security for itself and its employees and that this negligence led to a cyberattack and data breach that exposed the personally identifiable information (PII) of its workforce.
Startek Employee Information Stolen in Data Breach ComplaintCase Event History
Startek Employee Information Stolen in Data Breach Complaint
January 28, 2022
Startek, Inc. claims to offer “tech-enabled and human assisted digital solutions” related to the customer experience for other businesses. But the complaint for this class action alleges that the company did not provide adequate technical security for itself and its employees and that this negligence led to a cyberattack and data breach that exposed the personally identifiable information (PII) of its workforce.
Startek Employee Information Stolen in Data Breach Complaint