Modernizing Authentication — What It Takes to Transform Secure Access
Courthouse News Service reports that a class action lawsuit has been filed claiming that Arizona's Maricopa County Community College District (MCCCD) took too long to notify 2.5 million people that their personal information had been stolen following a data breach (h/t SC Magazine).
The lawsuit claims that while the FBI notified MCCCD that its databases were vulnerable in January 2011, nothing was done to secure the databases prior to the massive breach in April 2013.
"To make matters worse, MCCCD failed to promptly disclose the data breach and failed to notify victims of the data breach in a reasonable or timely manner," lead plaintiff Jason Liebich says. "MCCCD waited over six months, until November 27, 2013, to inform its current and former students, employees, and vendors that the data system was breached and their personally identifiable information may have been sold and exploited."
The lawsuit claims that the breach exposed 2.5 million "names, addresses, phone numbers, email addresses, Social Security numbers, dates of birth, financial and bank account information, demographical information, information related to employment, education, and training, benefits information, academic information, financial aid information, and Federal Employer Identification Numbers."https://l1.cdn.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Liebich is seeking class certification, compensatory damages, credit monitoring, credit restoration and punitive damages.