fbpx

UTM Compromise of Personal Information Class Action

This class action concerns a cyberattack against Utility Trailer Manufacturing Company (UTM), in which the personally identifiable information (PII) in its systems was exposed to unauthorized persons. The complaint alleges that UTM bears responsibility, claiming it “maintained the Private Information in a reckless manner.”

The class for this action is all persons whose private information was exposed as a resultof the cyberattack on UTM and who were sent a notice of the data breach.

UTM makes dry freight vans, refrigerated freight vans, flatbed trailers, and Tautliner curtain-sided trailers, in five factories around the US. It maintains the information of current and former employees in its systems, and the complaint alleges that UTM “had a duty to adopt reasonable measures to protect the PII … from involuntary disclosure to third parties.”

The cyberattack may have begun as early as April 5, 2021, the complaint alleges, with unauthorized access continuing until April 25, 2021.

The complaint alleges that the company maintained the PII “in a reckless manner[,]”that it was kept “in a condition vulnerable to [cyberattacks] of this type[,]” and that the means of the cyberattack “was a known and foreseeable risk” for the company. However, the complaint claims that the company did not discover the data breach until November 23 of that same year, and it did not begin notifying victims until around February 11, 2022.

Among the data exposed in the breach, the complaint says, were full names, addresses, and Social Security numbers.

The Federal Trade Commission (FTC) publishes information for businesses on reasonable data security practices. In particular, the complaint refers to the FTC’s Protecting Personal Information: A Guide for Business, which the complaint says “established cybersecurity guidelines for businesses.” However, the complaint alleges that UTM did not follow the FTC guidelines.

According to the complaint, the “FTC has brought enforcement actions against businesses for failing to protect consumer data adequately and reasonably, treating the failure to employ reasonable and appropriate measures to protect against unauthorized access to confidential consumer data as an unfair act or practice…”

In addition, the complaint claims that industry and national best practices exist for cybersecurity, but it alleges that UTM did not comply with these standards.

Failing to protect the PII maintained in its systems, the complaint alleges, puts employees and consumers at risk for identity theft and fraud. The harm that cybercriminals may do may not take place until years after the theft, the complaint says. The prices for personal information, as quoted in the complaint, may run from $40 to $363.

The counts include negligence, negligence per se, and breach of implied contract.

Article Type: Lawsuit
Topic: Privacy

Most Recent Case Event

UTM Compromise of Personal Information Complaint

March 17, 2022

This class action concerns a cyberattack against Utility Trailer Manufacturing Company (UTM), in which the personally identifiable information (PII) in its systems was exposed to unauthorized persons. The complaint alleges that UTM bears responsibility, claiming it “maintained the Private Information in a reckless manner.”

UTM Compromise of Personal Information Complaint

Case Event History

UTM Compromise of Personal Information Complaint

March 17, 2022

This class action concerns a cyberattack against Utility Trailer Manufacturing Company (UTM), in which the personally identifiable information (PII) in its systems was exposed to unauthorized persons. The complaint alleges that UTM bears responsibility, claiming it “maintained the Private Information in a reckless manner.”

UTM Compromise of Personal Information Complaint
Tags: Exposing Private Information, Exposure to cyber crime, Your Privacy