A proposed class action accusing the Experian consumer credit agency of lax security measures has been filed in federal courts in California and Illinois. WBM attorneys are representing Brendan Moore and Matthew DeVito, the named plaintiffs in the filing in the U.S. District Court for the Northern District of Illinois.
Experian North America confirmed Oct. 1 that the company had been hacked, and some 15 million people may have had their private information exposed. The hack specifically affects “those who applied for T-Mobile USA postpaid services or device financing from September 1, 2013 through September 16, 2015,” according to Experian. The personal information includes names, addresses, dates of birth, military IDs and social security, driver’s license and passport numbers.
The plaintiffs allege that Experian and T-Mobile failed to protect the sensitive data of T-Mobile’s customers and individuals who applied for credit with the phone carrier. “The breach of the security system caused direct and substantial damages to Plaintiffs and class members, as well as the possibility of future harm through the dissemination of private information and possibility of identity theft,” states the complaint filed Oct. 5.
Many of the plaintiffs allege that they already have experienced suspicious activity related to the compromised data, including for example fraudulent home loan applications that have begun to appear on plaintiffs’ and class members’ credit reports.
“This is a very serious breach,” said Gary Mason, WBM partner. “It can take years for individuals whose credit is compromised to have their credit properly restored. That a company responsible for monitoring credit was hacked is outrageous.”
The complaint alleges that T-Mobile represented that it used industry-leading security practices to protect private personal information, but did not follow those practices. The complaint also alleges that the companies violated the Fair Crediting Reporting Act.
The complaint seeks, among other things, an order compelling Experian to:
- notify each person whose consumer credit information was exposed in the security breach
- provide credit monitoring to each such person for at least six years
- establish a fund (in an amount to be determined) to which such persons may apply for reimbursement of the time and out-of-pocket expenses they incurred to remediate identity theft and/or identity fraud (i.e., data breach insurance), from September 16, 2015, forward to the date the above-referenced credit monitoring terminates, and:
- discontinue its wrongful actions, inaction, omissions, want of ordinary care, nondisclosures and the resulting security breach.
If you or someone you know applied for T-Mobile USA postpaid services or device financing between September 1, 2013, and September 16, 2015, please contact Gary Mason at 202-640-1160 or by email at firstname.lastname@example.org.