Convergent Outsourcing Hit with Class Action Over 2022 Data Breach [UPDATE]
Last Updated on April 4, 2024
Garcia-Meza v. Convergent Outsourcing, Inc.
Filed: December 16, 2022 ◆§ 2:22-cv-01804-BJR
A class action alleges Convergent Outsourcing, Inc. failed to properly safeguard customers’ sensitive information from a data breach detected in June 2022.
Illinois
April 4, 2024 – $2.45M Convergent Outsourcing Data Breach Deal Approved; Settlement Website Is Live
The official website for the $2.45 million Convergent Outsourcing data breach lawsuit settlement is live and can be found at ConvergentDataBreachSettlement.com.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
To receive a share of the class action settlement benefits—that is, reimbursement for up to $1,500 of out-of-pocket expenses; up to 10 hours of lost time or up to $10,000 of “extraordinary” losses, or an alternative pro rata cash payment—eligible class members must submit a claim form online or by mail by June 19, 2024.
To file a claim online, head to this page. Class members may also download the PDF claim form or contact the settlement administrator to request a paper copy to file by mail.
Court records show that the deal was preliminarily approved on February 20, 2024. The parties now await final approval of the settlement terms following a hearing scheduled for July 19 of this year.
The website relays that payments will be distributed to eligible class members if the court grants final approval to the deal, and after any objections or appeals are resolved.
Don’t miss out on settlement news like this. Sign up for ClassAction.org’s free weekly newsletter here.
February 15, 2024 – Convergent Outsourcing Data Breach Lawsuit Settled for $2.45 Million
Debt collector Convergent Outsourcing has agreed to a $2.45 million settlement to resolve the proposed data breach class action detailed on this page.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
The proposed data breach settlement, if approved by the court, would cover all U.S. residents to whom Convergent Outsourcing sent notification that their personal information may have been compromised by unauthorized parties as a result of the data security incident discovered by the company on or about June 17, 2022.
Court documents state that nearly 641,000 people are class members for the proposed Convergent Outsourcing data breach settlement. If the deal is approved, covered individuals should receive notice of the settlement by mail.
Class members will be able to file a claim for reimbursement of up to $1,500 for ordinary expenses and up to 10 hours of lost time related to the data breach, and for “extraordinary” documented losses of up to $10,000 per class member. Alternatively, a class member may opt to receive a pro rata cash payment from the settlement fund, court documents share, noting that the dollar amount of cash payments may decrease depending on the total number of valid claims filed.
The plaintiffs filed a renewed motion for preliminary settlement approval on February 9, 2024, almost two months after United States District Judge Marsha J. Pechman stopped short of preliminarily approving their initial settlement motion, namely because of an “overbroad” release of claims and a lack of specifics on the amounts or percentage of the common fund that would be sought for attorney fees and class representative awards.
Remedying their initial settlement motion, attorneys informed the court that they would seek reimbursement for reasonable fees and costs not to exceed 27 percent of the overall settlement fund. They also told the court they will request awards of $1,500 each for the class representatives.
ClassAction.org will update this page if and when the court grants preliminary approval to the settlement, and when an official settlement website is launched, so be sure to check back often.
Don’t miss out on settlement news like this. Sign up for ClassAction.org’s free weekly newsletter here.
A proposed class action alleges Convergent Outsourcing, Inc. failed to properly safeguard customers’ sensitive information from a data breach detected in June 2022.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
According to the 24-page data breach lawsuit, the cyberattack was the direct consequence of Convergent’s failure to implement adequate data security measures, despite repeated industry-wide warnings about the risk of cyberattacks and numerous well-publicized incidents of the same nature in recent years. As a result, unauthorized actors were able to access the debt collector’s computer system on June 17 of this year, the lawsuit states.
Per the suit, the stolen data includes consumers’ names, contact information, financial account information and Social Security numbers. The suit further charges that Convergent allowed nefarious actors “sufficient time” to steal personal information “unabated” because the company failed to detect the data breach for a significant period.
The class action claims that Convergent waited until October, months after discovering the breach, to contact a portion of the hundreds of thousands of individuals whose sensitive data had been compromised. However, Convergent has yet to notify all its impacted customers, the suit alleges.
Whether they know it or not, the data breach victims now face a very high risk of identity theft, fraud and other fraudulent misuses of their sensitive data for years to come, the lawsuit states.
Convergent neglected to maintain industry-standard, or even “rudimentary,” data security practices, the complaint argues. The filing claims that the debt collector could have prevented the cyberattacks had it maintained the following basic cybersecurity safeguards:
“(a) the proper encryption of Private Information; (b) educating and training employees on how to protect Private Information; and (c) correcting the configuration of software and network devices.”
Additionally, the case asserts that the company’s failure to employ “reasonable and appropriate” security measures are out of line with the Federal Trade Commission Act and the agency’s cybersecurity guidelines for businesses.
Due to Convergent’s negligence, impacted individuals have been subjected to considerable damages, including “expenses for credit monitoring and identity theft insurance, out-of-pocket expenses, anxiety, emotional distress, loss of privacy, and other economic and non-economic harm,” the suit reads.
The lawsuit looks to represent anyone whose personally identifiable information was exposed while in possession of Convergent Outsourcing, Inc., or any of its subsidiaries and/or agents during the 2022 data breach.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.