in Newswire Published on January 9, 2023

Class Action Claims Everest Failed to Protect Private Customer Info from Data Breach [DISMISSED]

by Kelsey McCroskey

Last Updated on September 19, 2024

View Comments

Adkins v. Everest Global Services, Inc.

Filed: January 3, 2023 § 3:23-cv-00004-MAS-LHG

Read Complaint

A proposed class action lawsuit accuses Everest Global Services, Inc. of failing to protect customers’ personal data from a cyberattack in August 2022.

Defendant(s)

Everest Global Services, Inc.

Law(s)

Federal Trade Commission Act

State(s)

New Jersey

Categories

Technology Privacy Data Breach

September 19, 2024 – Everest Global Service Data Breach Lawsuit Dismissed; Plaintiff Can Try Again

The proposed class action lawsuit detailed on this page was dismissed on August 21, 2024 with leave for the plaintiff to amend the case.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

In a 29-page opinion granting Everest’s motion to dismiss the amended complaint, U.S. District Judge Robert Kirsch found that the court was unable to discern whether Everest was responsible for safeguarding the plaintiff’s personal information from unauthorized disclosure given that the consumer failed to succinctly describe her relationship with the insurance company.

“In the case at bar, without explanation as to how [the defendant] acquired [the plaintiff’s] [personally identifiable information], the court cannot assess whether it would be fair to hold that defendant had a duty to protect this information,” Judge Kirsch wrote.

According to the judge, the plaintiff also failed to provide any evidence suggesting that Everest offered an implied promise to protect her data.

Judge Kirsch gave the plaintiff 30 days to file a second amended complaint, should she decide to do so.

Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.

A proposed class action lawsuit accuses Everest Global Services, Inc. of failing to protect customers’ personal data from a cyberattack in August 2022.

According to the 40-page lawsuit, email accounts in the New Jersey insurance provider’s network were hacked by cybercriminals between August 8 and August 16, compromising the private information of the defendant’s clients. The case relays that the personally identifiable information (PII) accessed in the data breach included full names and Social Security numbers.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

The suit alleges that Everest “negligent[ly]” and “reckless[ly]” failed to safeguard its customers’ data, leaving the sensitive information in its network “accessible, unencrypted, unprotected, and vulnerable” to data thieves.

In addition, the complaint takes issue with Everest’s alleged failure to notify victims in a timely manner that their private data had been accessed by an unauthorized third party. The defendant discovered “suspicious activity” on its network on August 15, the lawsuit relays, but it was not until four months later, on December 16, that clients affected by the breach received notice, the case claims.

Per the filing, by storing and benefitting from its customers’ information, Everest was legally obligated to safeguard the sensitive data and “should have known that it was responsible for protecting Plaintiff’s and Class Members’ PII from unauthorized disclosure.”

The complaint says the defendant itself recognized the importance of data security two years earlier in a blog post about cyberattacks, and, according to the lawsuit, this shows that Everest understood the need to protect the private information stored in its network.

As a result of Everest’s “negligent conduct,” those who were affected by the data breach now face a significant risk of identity theft, fraud, phishing scams, and other illegal activity, the case contends.

“[Personally identifiable information] is particularly valuable because criminals can use it to target victims with frauds and scams,” reads the complaint. “Once PII is stolen, fraudulent use of that information and damage to victims may continue for years.”

The plaintiff, a resident of Ohio, discovered in December that her information had been compromised by the data breach and has since received numerous phishing calls and emails, the suit says.

The lawsuit looks to represent anyone identified by Everest as among those who were affected by the August 2022 data breach, including those who were sent notice of the breach.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.

Case Spotlight

Hair Relaxer Lawsuits

Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.

Read more here: Hair Relaxer Cancer Lawsuits

How Do I Join a Class Action Lawsuit?

Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?

Read more here: How Do I Join a Class Action Lawsuit?

ClassAction.org Newsletter

Stay Current

Sign Up For
Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This browser does not support PDFs. Please download the PDF to view it: Download PDF.
Open Document
Last Updated on September 19, 2024 — 12:51 PM

Kelsey McCroskey

kelsey@classaction.org

Kelsey works primarily on ClassAction.org’s newswire, reporting on cases as they happen.

About ClassAction.org

ClassAction.org is a group of online professionals (designers, developers and writers) with years of experience in the legal industry.

Learn More

Before commenting, please review our comment policy.