in Newswire Published on November 8, 2023

Class Action Filed Against MidFirst Bank Over May 2023 Data Breach

by Kelly Mehorter

Last Updated on March 13, 2024

View Comments

Strothier v. MidFirst Bank

Filed: November 3, 2023 § 5:23-cv-00995

Read Complaint

MidFirst Bank faces a proposed class action over a May 2023 data breach that compromised current and former customers’ private information.

Defendant(s)

MidFirst Bank

Law(s)

Oklahoma Consumer Protection Act

State(s)

Oklahoma

Categories

Privacy Data Breach

MidFirst Bank faces a proposed class action over a May 2023 data breach that compromised current and former customers’ private information.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

According to the 71-page lawsuit, the Oklahoma City-based bank is among the hundreds of organizations affected by the massive cyberattack against MOVEit, a popular file transfer service and IT vendor of MidFirst. The complaint says that an unauthorized third party was able to download files from the MOVEit platform between May 27 and May 31 of this year, exposing MidFirst customers’ names, Social Security numbers, account numbers and other sensitive information.

Per the filing, the data breach has also affected current and former customers of Vio, the online banking division of MidFirst. As a result, these victims now face a lifelong threat of identity theft, fraud and other criminal misuse of their personal data, the case contends.

Related Reading: 2023 MOVEit Data Breach Lawsuits

The suit argues that the cyberattack stemmed from MidFirst’s “negligent and reckless” failure to safeguard consumer data from unauthorized access by implementing appropriate cybersecurity measures.

“[The defendant] could have prevented this Data Breach by properly securing and encrypting the files and file servers containing the [personally identifiable information] of [the plaintiff] and Class Members or by exercising due diligence in selecting its IT vendors and properly auditing those vendor’s [sic] security practices,” the complaint contends.

The filing goes on to say that in its August 18 notice to impacted individuals, MidFirst omitted several “critical facts” about the incident, leaving victims in the dark about the root cause of the data breach, what vulnerabilities were exploited, why it took nearly three months to disclose the event and what steps it’s taken to ensure that a future attack doesn’t occur.

“Without these details, [the plaintiff’s] and Class Members’ ability to mitigate the harms resulting from the Data Breach is severely diminished,” the suit shares.

The lawsuit looks to represent anyone in the United States whose personally identifiable information was impacted as a result of the MidFirst Bank data breach.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.

Case Spotlight

Hair Relaxer Lawsuits

Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.

Read more here: Hair Relaxer Cancer Lawsuits

How Do I Join a Class Action Lawsuit?

Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?

Read more here: How Do I Join a Class Action Lawsuit?

ClassAction.org Newsletter

Stay Current

Sign Up For
Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This browser does not support PDFs. Please download the PDF to view it: Download PDF.
Open Document
Last Updated on March 13, 2024 — 11:39 AM

Kelly Mehorter

kelly@classaction.org

Kelly works primarily on ClassAction.org’s newswire, reporting on cases as they happen.

About ClassAction.org

ClassAction.org is a group of online professionals (designers, developers and writers) with years of experience in the legal industry.

Learn More

Before commenting, please review our comment policy.