In these cases Plaintiffs alleged that Accellion: (a) failed to implement and maintain adequate data security practices to safeguard Plaintiffs’ and Class Members’ Personal Information (b) failed to prevent the data event (c) failed to detect security vulnerabilities leading to the data event and (d) failed to disclose that their data security practices were inadequate to safeguard Class Members’ Personal Information.īesides invoking the CCPA, Plaintiffs also asserted claims against Accellion for negligence, negligence per se, invasion of privacy (intrusion upon seclusion), violations of various consumer protection statutes (including the North Carolina Unfair Deceptive Trade Practices Act, the Washington Consumer Protection Act,, the California Confidentiality of Medical Information Action (“CMIA”), the California Customer Records Act (“CCRA”), and the California Unfair Competition Law (“UCL”)), and for declaratory and injunctive relief. Litigation, including a number of California Consumer Privacy Act class action lawsuits, followed. The incident affected a number of public and private sector entities. According to filings in the litigation, cybercriminals targeted vulnerabilities in Accellion’s legacy file transfer (“FTA”) product during December 2020-January 2021. In December 2020, Defendant Accellion notified its customers that it had experienced a data event. This development is notable for its resolution (if approved) only as to Accellion and for the categories of relief offered to class members. This week Plaintiffs in thirteen consolidated cases brought against Accellion and other defendants filed a motion for preliminary approval of a class action settlement in California federal court.
0 kommentar(er)
