[BreachExchange] Scottrade Class Action Filed Over Massive Security Breach

Audrey McNeil audrey at riskbasedsecurity.com
Thu Oct 13 20:33:49 EDT 2016


https://topclassactions.com/lawsuit-settlements/lawsuit-news/346887-scottrade-class-action-filed-massive-security-breach/

Scottrade Inc. is facing a new class action lawsuit accusing the financial
brokerage and bank of negligence and breach of contract over the theft of
4.6 million customers’ confidential information.

The Scottrade security breach reportedly occurred from late 2013 to early
2014.

Scottrade believes that the names and street addresses of almost 4.6
million customers may have been compromised during the cyber attack.

More alarming to the plaintiffs is that Scottrade wasn’t even aware that a
security breach had occurred until the FBI notified them of it almost a
year later in August 2015.

This failure to discover the security breach left many customers
potentially vulnerable to identity theft and fraud.

Plaintiffs Andrew Duqum and Stephen Hine took issue with the discount
brokerage’s alleged deficient cybersecurity measures and filed class action
lawsuits against Scottrade in 2015.

The cases were consolidated in Missouri federal court and was later
dismissed in July 2016 on grounds customers had not shown that they
suffered damages from the 2013-2014 data breach under the Supreme Court’s
recent Spokeo decision.

Now, Hine has refiled his complaint in California Superior Court.

Hine says he opened two brokerage accounts with Scottrade in 2006, and his
personal information was exposed because of the breach, according to his
lawsuit.

In October 2015, Hine received an email from Scottrade confirming his
personally identifiable information (PII) was compromised and taken from
Scottrade’s databases between late 2013 and early 2014.

As a result of Scottrade’s alleged wrongful actions relating to the data
breach, hackers gained access to Hine’s information and sold it causing
Hine to become the victim of identity theft and identity fraud by
unauthorized third parties.

According to the 40-page complaint, Scottrade failed to honor its promises
to keep sensitive personal information confidential and first disclosed the
2013-2014 data breach over a year after it occurred.

“In breach of its duties, Scottrade’s security measures were not even
sufficient to detect the hack, let alone prevent or minimize it. Until the
federal government stepped in, Scottrade was unaware of the massive data
breach,” the lawsuit states.

Additionally, the lawsuit cites that’s Scottrade suffered another data
breach in May 2014 reported by MarketWatch.com in which a Russian national
living in New York hacked into brokerage accounts and made unauthorized
trades from online accounts at Scottrade and other brokerages.

Hine brings this new class action lawsuit on behalf of himself and all
California residents whose personal or financial information was
compromised as a result of the data breach first disclosed by Scottrade on
Oct. 2, 2015.

The lawsuit asks that the court, among other things, requires Scottrade to
pay monetary, statutory and punitive damages to Hine and others.

Hine is also asking for injunctive and declaratory relief as necessary to
prevent these acts and practices.

The plaintiff is represented by Geoff Spreter, and Jeffrey Bennion of
Spreter Law Firm APC; Timothy G. Blood, Thomas J. O’Reardon II, and Paula
R. Brown of Blood Hurst & O’Reardon LLP; and Joseph J. Siprut, Richard L.
Miller II, and Richard S. Wilson of Siprut PC, among others.

The Scottrade Data Breach Class Action Lawsuit is Stephen Hine, et al. v.
Scottrade Inc., et al., Case No. 37-16-00035493-CU-MC-CTL, in the Superior
Court of the State of California, County of San Diego.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161013/a2b1673c/attachment.html>


More information about the BreachExchange mailing list