Rebecca Day

Google’s “anticompetitive scheme” is “starving the free press” and siphoning “billions of readers and billions of dollars” from publishers, while extracting and publishing their content on Google and diverting “readers and ad revenue,” alleged a class action (docket 1:23-cv-03677) Monday by Helena World Chronicle (HWC) in U.S. District Court for the District of Columbia.

Plaintiff Matthew Hamilton and some 46,000 class members, including former customers, suffered “concrete injuries” due to a data breach at Marshfield, Wisconsin-based Forward Bank, alleged Hamilton's privacy class action Friday (docket 3:23-cv-00844) in U.S. District Court for Western Wisconsin in Madison. Forward Bank maintained, used and shared customers’ personally identifiable information (PII) in a “reckless manner,” the complaint said. Hamilton, a resident of Medford, Wisconsin, received a letter from Forward dated Nov. 17, informing him the bank experienced a “network disruption” Sept. 11 and discovered files may have been “acquired without authorization” on or about Sept. 6, it said. Hamilton is a former Forward customer, who closed his account in 2021, the complaint said. To open that account initially, he had to provide PII including his name, Social Security number “and other sensitive information,” the complaint said. At the time of the data breach, Forward “retained Plaintiff’s PII in its system,” it said. After a “thorough review” of the files, on Oct. 27, the bank learned Hamilton’s PII was identified as “being contained within the potentially affected data," the complaint said. Stolen information may have included Hamilton’s name, Social Security number, driver’s license or other government ID number and financial information, it said. The “disclosure” letter “amounts to no real disclosure at all, as it fails to inform, with any degree of specificity,” critical facts, said the complaint. The letter didn’t disclose the cause of the breach, the vulnerabilities exploited and the remedial measures the bank was undertaking to ensure such a breach doesn’t happen again, it said. Without such details, plaintiff’s and class members’ ability to mitigate risks from the breach “is severely diminished,” it said. The bank didn’t use reasonable security procedures and practices appropriate to the nature of the PII they were maintaining for customers, said the complaint, including encrypting the information or deleting it when it is no longer needed. Experian informed Hamilton that his PII was disseminated on the dark web; he further believes it was sold on the dark web following the data breach, “as that is the modus operandi of cybercriminals that commit cyberattacks of this type,” the complaint said. Hamilton suffered actual injury from having his PII compromised after the breach, including invasion of privacy; theft of his PII; lost or diminished value of his PII; lost time and opportunity costs associated with attempting to mitigate the breach's consequences; loss of benefit of the bargain; and the continued and increased risk to his PII, which “remains unencrypted and available for unauthorized third parties to access and abuse,” it said. Hamilton asserts claims of negligence and negligence per se; breach of implied contract; unjust enrichment; and violation of Wisconsin’s Deceptive Trade Practices Act.

Walmart, Cash App and “John Does” 1-10 “ignore the obvious holes in their inadequate and poorly enforced anti-fraud measures and readily facilitate fraudulent transfers that drain financial resources of the elderly and most vulnerable in our society,” alleged a class action Friday (docket 2:23-cv-10335) in U.S. District Court for Central California in Los Angeles.

Grand Rapids, Michigan-based insurance firm Acrisure didn’t begin informing victims of a Dec. 28 data breach until Nov. 10, said a privacy class action (docket 1:23-cv-01288) Friday in U.S. District Court for Western Michigan, Southern Division. Victims’ identities are “now at risk” because of Acrisure’s “negligent conduct” that allowed their private information to fall into the hands of “data thieves,” said the complaint. Acrisure became aware of “unusual activity” on its systems Dec. 28; an investigation showed unauthorized access to its computer systems occurred from Dec. 1, 2022 to Jan. 28, 2023, the complaint said, quoting the letter to victims. It hired a “data-review firm” to determine what information was in the compromised files and received those results in late August, the letter said. The letter didn’t say why Acrisure “failed to stop the unauthorized access for approximately one month after detecting” the breach, it said. The breach was the direct result of Acrisure’s “failure to implement adequate and reasonable" cybersecurity procedures and protocols necessary to protect the consumers in its network from a “foreseeable and preventable” cyberattack, the complaint said. Acrisure maintained the data of plaintiff Carlos Dias of Lake Mary, Florida, and class members in a “reckless manner” in a “condition vulnerable to cyberattacks,” it said. Acrisure collected and maintained sensitive information of Dias and class members, including their name, address, date of birth, Social Security and driver’s license numbers, financial account numbers and health insurance information, the complaint said. Despite assurances on its website that it protects personal information from “unauthorized access, use, or disclosure,” the company “disregarded the rights” of Dias and class members by “intentionally, willfully, recklessly, or negligently failing to take adequate and reasonable measures to ensure its data systems were protected against unauthorized intrusions,” it said. Dias asserts on behalf of himself and the class claims of negligence, breach of third-party beneficiary contract, unjust enrichment and violation of Florida’s Deceptive and Unfair Trade Practices Act. He seeks actual, nominal, statutory, consequential and punitive damages, attorneys’ fees and costs, and prejudgment interest.

Amazon sued 27 individuals and unknown "John Does" 1-20 in a fraud case involving REKK, a global organization allegedly responsible for stealing “millions of dollars of products from Amazon’s online stores through systematic refund abuse,” said the complaint Thursday (docket 2:23-cv-01879) in U.S. District Court for Western Washington in Seattle.

Six plaintiffs are suing 10 known defendants, plus John Does 1-1,000, for violation of California’s Anti-Spam Law, Business & Professions Code, said their fraud complaint Thursday (docket 1:23-cv-01287) in U.S. District Court for Western Michigan in Grand Rapids.

DirecTV violated the Fair Debt Collection Act when it sent past due notices to a customer who had canceled service on one of his DirecTV accounts, alleged a complaint Thursday (docket 1:23-cv-00354) in U.S. District Court for Southern Mississippi in Gulfport.

Videogame software and hardware companies manufactured, published, marketed and sold gaming products “specifically developed and designed to cause the addiction" experienced by minors and other users, alleged a 19-count complaint Wednesday (docket 1:23-cv-16566) against 15 defendants in U.S. District Court for Northern Illinois in Chicago.

A T-Mobile employee downloaded, without the customer's consent, the private images and videos from a cellphone that customer had traded in, alleged a Nov. 17 negligence complaint (docket 4:23-cv-05166) in Washington Superior Court that removed Wednesday to U.S. District Court for Eastern Washington in Richland.

Plaintiff Tonny Storey’s fraud class action complaint against Amazon for failing to deliver products by a promised date doesn't state a claim for breach of contract, said Amazon’s Rule 12(B)(6) motion to dismiss Tuesday (docket 2:23-cv-01529) in U.S. District Court for Western Washington in Seattle.