Deloitte Rolled Out Pandemic Unemployment Assistance Portals Without Proper Data Protections, Class Action Claims
Alexander v. Deloitte Consulting, LLP
Filed: May 29, 2020 ◆§ 1:20-cv-04129
A class action claims at least three states' unemployment benefits portals set up by Deloitte Consulting exposed applicants' personally identifiable information.
Deloitte Consulting failed to take reasonable and adequate measures to protect consumers’ personally identifiable information when designing, building and maintaining multiple states’ unemployment systems, a proposed class action alleges.
Amid the COVID-19 crisis, Deloitte contracted with a number of state agencies, including the Ohio Department of Job and Family Services, Illinois Department of Employment Security and Colorado Department of Labor and Employment, to help administer the federal Pandemic Unemployment Assistance program (PUA), the lawsuit begins. The defendant was tasked by states with designing, building and maintaining web-based portals through which consumers could apply for unemployment benefits and communicate with state officials, the suit says, stressing that Deloitte was entrusted with applicants’ sensitive personal information.
According to the lawsuit, however, Deloitte’s cloud-based PUA portal went live around May 11 without appropriate safeguards to protect unemployment applicants’ personal information against prying eyes.
On May 16, the complaint says, Illinois acknowledged a “glitch” in Deloitte’s PUA system that made publicly available the information of some 44,000 workers who applied for benefits on the first day. Then, on May 19, Colorado acknowledged “a limited and intermittent data access issue” that saw some unemployment applicants granted access to others’ private communications with the state, the lawsuit says, claiming the correspondence contained Social Security numbers. According to the suit, 72,000 individuals were affected by the issue.
Further still, Ohio acknowledged via email that unemployment applicants’ Social Security numbers, names and addresses may have been inadvertently viewed by others, the suit continues. It’s believed 130,000 applicants were affected by this particular glitch, the case says.
Though Deloitte is offering 12 months of free credit monitoring to PUA applicants in Ohio, Colorado and Illinois, those whose information was exposed have sustained concrete injury in that they face a heightened risk of identity theft and fraud, the lawsuit asserts.
The lawsuit looks to cover all U.S. residents whose personally identifiable information was compromised as a result of the Pandemic Unemployment Assistance portal data breach.
ClassAction.org’s coverage of COVID-19 litigation can be found here and over on our Newswire.
Sign up for ClassAction.org’s newsletter here.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.