Data Breach Lawsuit Claims VeriSource Services Failed to Prevent February 2024 Cyberattack
Last Updated on January 21, 2025
Fay v. VeriSource Services, Inc.
Filed: September 18, 2024 ◆§ 4:24-cv-03492
A proposed class action lawsuit alleges deficient cybersecurity on the part of VeriSource Services, Inc. resulted in a February 2024 data breach.
A proposed class action lawsuit alleges deficient cybersecurity on the part of VeriSource Services, Inc. resulted in a February 2024 data breach.
Get the latest open class action lawsuits sent to your inbox. Sign up for ClassAction.org’s free weekly newsletter.
The 51-page data breach lawsuit relays that the Houston-based company, which provides employee benefits administration and data management services, discovered unusual activity on certain computer systems on February 28, 2024. According to the case, an investigation following the system disruption determined that an unauthorized third party had gained access to the network and certain personal information stored therein.
Per the suit, the VeriSource Services data breach compromised the names and Social Security numbers of clients’ current and former employees—highly confidential information that the complaint claims the company stored unencrypted and unredacted in its computer systems.
Despite its legal duty to protect the personal data in its care, VeriSource Services negligently failed to take adequate measures to secure its network against unauthorized intrusion, the filing contends. As the class action lawsuit tells it, the incident could have been prevented had the defendant properly encrypted the information or maintained data security practices in line with industry standards.
Indeed, the suit argues, VeriSource Services should have been fully aware of the risk of being targeted by cybercriminals given the ubiquity of data breaches in recent years and the prevalence of public announcements and warnings by cybersecurity experts.
Nonetheless, the company “recklessly” failed to protect consumers’ private information from falling into the hands of data thieves, who can now use it to commit identity theft, fraud and numerous other cybercrimes, the case alleges.
In addition, although the defendant purports to have learned of the incident in February of this year, it waited until late last month to begin to notify victims, the complaint shares. Per the filing, the notices themselves provide little in the way of explanation, omitting crucial details about the nature of the cyberattack, the identity of the perpetrators and what steps are being taken to secure stored data in the future.
“Without these details, [the plaintiff’s] and Class Members’ ability to mitigate the harms resulting from the Data Breach is severely diminished,” the case asserts.
The VeriSource Services lawsuit looks to represent anyone in the United States whose private information was accessed and/or acquired by an unauthorized third party as a result of the data breach reported by the defendant in August 2024.
Check out ClassAction.org's lawsuit list for the latest open class action lawsuits and investigations.
Video Game Addiction Lawsuits
If your child suffers from video game addiction — including Fortnite addiction or Roblox addiction — you may be able to take legal action. Gamers 18 to 22 may also qualify.
Learn more:Video Game Addiction Lawsuit
Depo-Provera Lawsuits
Anyone who received Depo-Provera or Depo-Provera SubQ injections and has been diagnosed with meningioma, a type of brain tumor, may be able to take legal action.
Read more: Depo-Provera Lawsuit
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.