Capital One Hit with Class Action Lawsuit Hours After Announcing Data Breach Affected More Than 100M Consumers
Zosiak v. Capital One Financial Corporation et al.
Filed: July 30, 2019 ◆§ 1:19-cv-02265
Capital One faces a proposed class action lawsuit over a March 2019 data breach that affected the sensitive information of more than 100 million card holders.
District of Columbia
Hours after announcing that the data of consumers and small businesses was accessed during a data breach, Capital One Financial Corporation finds itself as the defendant in a proposed class action lawsuit centered on its alleged failure to safeguard the financial and personal details of roughly 106 million credit card customers and applicants.
Filed in federal court in the District of Columbia, the complaint details that the information accessed by a now-indicted Seattle-based hacker includes bank account numbers, snippets of transaction histories, self-reported incomes, credit scores and personal information, such as Social Security numbers, addresses, phone numbers, email addresses and birth dates. According to the lawsuit, the data breach occurred on March 22 and 23, 2019 yet was discovered by Capital One and co-defendants Capital One, N.A. and Capital One Bank (USA), N.A. on July 19. Capital One, the case stresses, waited until July 29 to disclose the breach, more than four months after proposed class members’ information was compromised.
The lawsuit states Capital One only discovered the cyber incident after an unrelated third party sent the company the below email, which included a link to a file containing the information stolen during the data breach:
The lawsuit argues Capital One had an obligation to protect its customers’ confidential information from unauthorized access, promising as much in its credit card applications that make explicit reference to 256-bit Secure Sockets Layer (SSL) Technology. From the complaint:
“Defendants’ security failures demonstrate that they failed to honor their duties and promises by not:
a. maintaining an adequate data security system to reduce the risk of data breaches and cyber-attacks;
b. adequately monitoring its system to identify the data breaches and cyber-attacks; and
c. adequately protecting Plaintiff’s and the Class’s Sensitive Information.”
The lawsuit looks to cover a proposed class of consumers across the United States whose sensitive information was maintained on the servers of Capital One and the cloud computing company used by Capital One and was compromised as a result of the data breach announced on July 29.
The lawsuit can be read below.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.