Big Four title firm Fidelity National Financial and its subsidiary mortgage subservicer Loancare are facing a class action lawsuit alleging that they were negligent with customer data and that they breached their contract, after the firm was the victim of a cyber security attack in late-November.
The suit was filed last Tuesday by Teneika Tillis, a Loancare servicing client, in U.S. District Court for Central California. The complaint states that Tillis filed the suit “upon information and belief” that her personal identifiable information had been comprised in the attack.
“The data breach itself and information defendants have disclosed about the breach to date, including its length, the need to remediate defendants’ cybersecurity and the sensitive nature of the impacted data, collectively demonstrate defendants failed to implement reasonable measures,” the complaint states.
In addition, Tillis claims as a result of the data breach the plaintiff class has been “required to continue to undertake time-consuming and oten costly efforts to mitigate the actual and potential harm.”
The complaint also maintains that Loancare should have notified consumers of inadequate security measures after it reported a data breach around August 2022. “Defendants thus failed to take reasonable measures to secure its system,” the lawsuit said.
Roughly a week after initially reporting the attack, Fidelity said the incident was contained, however the firm has yet to disclose the type of personal information that may have been acquired by the cyber criminals or the number of clients impacted by the incident.
Shortly after the incident, ransomware gang AlphV/BlackCat claimed responsibility.
In an online post last week, AlphV/BlackCat blamed Fidelity for allegedly hiring incident responders from Google’s Mandiant unit and threatened to disclose information on data it collected.
Tillis is demanding a jury trial and a damages amount that is “equitable relief with pre-judgment and post-judgment interest” to the plaintiff and members of the class.
Mr.Cooper, which became the victim of a cyber security attack in late October, is currently facing four class action suits as a result of the attack.
Related
Source link