Automation Personnel Services Faces Class Action Over Nov. 2020 Data Breach
by Erin Shaak
Madkin v. Automation Personnel Services, Inc.
Filed: August 26, 2021 ◆§ 2:21-cv-01177
Automation Personnel Services faces a class action over a November 2020 data breach that reportedly compromised employees’ personal information.
Automation Personnel Services, Inc. has been hit with a proposed class action over a November 2020 data breach that reportedly compromised the personal information of the staffing agency’s employees.
According to the suit, the company, who reportedly has more than 37,000 contingent employees, failed to implement reasonable security procedures, including encrypting workers’ personal data, and left the sensitive information “vulnerable to the type of attack launched against it.”
The case claims APS’s failure to protect employees’ data and timely notify them that their personal and financial information was accessed has exposed the workers to an increased risk of identity theft and fraud.
APS is a staffing agency that serves the light industrial work, technical, call center, manufacturing, skilled labor and automotive industries through more than 40 branch offices in 11 states, the suit says. In the course of screening and vetting potential employees, APS collects and maintains the individuals’ personal and financial information, including their names, Social Security numbers, driver’s license numbers, dates of birth, home address, telephone numbers and bank account details.
The lawsuit alleges that in November 2020, an archive of 440GB of data maintained by APS was “leaked on a popular hacker forum.” The suit says the exposed data included corporate accounting and payroll specifics as well as the personally identifiable information of APS employees.
According to the suit, the data breach was a direct result of APS’s failure to properly secure employees’ data, including by encrypting the information with a secure encryption algorithm so that it would be inaccessible without an encryption key. APS, the case alleges, “knowingly disregard[ed] standard information security principles” despite being fully aware of the “obvious risks” of allowing “unmonitored and unrestricted access” to employees’ personally identifiable information.
The lawsuit goes on to claim that although APS learned employees’ personal information had been exposed in the breach “no later than February 3, 2021,” the company waited until March 17 to notify those affected, causing further injury to employees.
The lawsuit, which has been removed from Jefferson County, Alabama Circuit Court to the state’s Northern District Court, looks to cover anyone in the U.S. whose personally identifiable information was acquired by unauthorized individuals in the data breach announced by Automation Personnel Services in March 2021, with a proposed subclass of Alabama residents.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.