2024 Arcis Golf Data Breach Impacted Current and Former Employees, Class Action Lawsuit Says

New to ClassAction.org? Read our Newswire Disclaimer

Arcis Golf faces a proposed class action lawsuit over a reported data breach involving employees’ information that was allegedly caused by the golf course operator’s negligent and/or inadequate cybersecurity. 

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here. 

The 53-page Arcis Golf data breach lawsuit alleges the company, which runs nearly 70 private, resort and public golf clubs nationwide, failed to properly safeguard the sensitive information it collects, stores and maintains through the course of its regular business. The data compromised in the incident includes current and former Arcis employees’ names, addresses, dates of birth, driver’s license numbers, bank account numbers and Social Security numbers, the case states. 

According to the new data breach lawsuit, Arcis maintained current and former employees’ sensitive information unencrypted and unredacted, and hackers “targeted and obtained” the data due to its value in stealing individuals’ identities. 

“The present and continuing risk of identity theft and fraud to victims of the [Arcis Data Breach] will remain for their respective lifetimes,” the filing emphasizes. 

On or around June 27, 2024, victims of the cyberattack began to receive an Arcis Golf data breach notice letter that stated an “unauthorized third party” gained access to the company’s network and acquired certain sensitive files on or around November 16 of last year, the complaint relays. Arcis says that it determined on May 28, 2024 that some personal information was contained in the compromised records, the notice states. 

Left out of the Arcis notice letter was the identity of the perpetrators, the date the company detected the intrusion, the details of the root cause of the breach, the vulnerabilities exploited, and the remedial measures taken by the company to ensure such a cyberattack does not happen again, the proposed class action shares. 

“To date, these critical facts have not been explained or clarified to Plaintiff and Class Members, who retain a vested interest in ensuring that their [personally identifiable information] remains protected,” the case relays, calling the Arcis data breach notice “no real disclosure at all” given the apparent lack of details about the incident. 

The case does not approximate how many people may have been impacted by the reported Arcis Golf data breach. 

The Arcis Golf data breach class action lawsuit looks to cover all United States residents whose personally identifiable information was accessed and/or acquired by an unauthorized party as a result of the data breach reported by Arcis Golf in June 2024. 

Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.