in Newswire Published on April 9, 2021

Infinity Insurance, Parent Co. Hit with Class Action Over Reported December 2020 Data Breach [UPDATE]

by Erin Shaak

Last Updated on September 25, 2024

View Comments

Aguallo et al. v. Kemper Corporation et al.

Filed: April 8, 2021 § 1:21-cv-01883

Read Complaint

Infinity Insurance Company and parent Kemper Corporation have been named in a proposed class action over a reported late-December 2020 data breach.

Defendant(s)

Infinity Insurance Kemper Corporation

Law(s)

California Business and Professions Code California Unfair Competition Law Florida Deceptive and Unfair Trade Practices Act California Consumers Legal Remedies Act California Consumer Privacy Act

State(s)

Illinois

Categories

Privacy Data Breach

Case Updates

March 1, 2022 – Settlement Reached, Awaits Final Approval

The judge overseeing the case detailed on this page preliminarily approved a settlement last October that aims to compensate data breach victims.

Don’t miss out on settlement news like this. Sign up for ClassAction.org’s free weekly newsletter here.

The settlement covers anyone in the U.S. who was sent a notice letter informing them that their personally identifiable information was compromised in the data incidents announced by Kemper and Infinity on or around March 16, 2021 and May 25, 2021.

Those covered by the settlement, called class members, should have already received notice of the deal via email or mail with a unique code that will allow them to enroll in 18 free months of Aura’s Financial Shield fraud monitoring and protection services. Enrollment may happen at any time during the covered 18-month period without class members having to file a claim, and class members can sign up to receive an email reminder for when their redemption code becomes active by following the link on this page.

Additionally, class members can file a claim to receive up to $10,000 per person for documented out-of-pocket losses tied to the data breaches and reimbursement for up to six hours of lost time spent dealing with the effects of the incidents. Three hours of lost time can be claimed at $18 per hour “with a simple attestation and brief description of the activities performed during that time,” and an additional three hours can be claimed with documented evidence of the lost time. If class members missed work to address the data incidents, they can be reimbursed at their documented compensation rate of up to $50 per hour.

Class members who are California residents can also file a claim for an additional $50.

The deadline to file a claim is March 15, 2022. Claims can be filed on the official settlement website here.

Aside from monetary relief, the defendants have also agreed to make changes to their business practices to ensure that consumers’ data is adequately secured.

In a December 23, 2021 memo, plaintiffs’ counsel praised the settlement as “an excellent result” for those covered.

The deal now awaits a judge’s final approval, after which those who filed valid claims will receive their payments, pending the results of any appeals. A final approval hearing has been scheduled for March 15, 2022.

Infinity Insurance Company and parent Kemper Corporation have been named in a proposed class action over a reported late-December 2020 data breach.

According to the 41-page case, the automobile insurance companies in mid-March 2021 began to send notice of a data breach that they said occurred on December 26, 2020. Per the suit, exposed in the incident were customers’ and employees’ names, addresses, Social Security numbers, driver’s license numbers, medical leave details and workers’ compensation claim data.

The lawsuit out of Illinois alleges the breach occurred as a result of the defendants’ “negligent and/or careless acts and omissions” and failure to protect customers’ personally identifiable information (PII). The case contends that the insurers’ failure to implement adequate data security measures has subjected those affected by the breach to injuries ranging from lost time to an increased risk of identity theft and fraud.

“Plaintiffs and members of the Classes now face years of constant surveillance of their financial and personal records, monitoring, and loss of rights,” the complaint states. “The Classes are incurring and will continue to incur such damages in addition to any fraudulent use of their PII.”

Despite Infinity’s representations that it would protect customers’ privacy, the company, the lawsuit says, began to notify customers last month that its security team had “detected indications of a potential security incident on December 26, 2020,” and “identified brief, unauthorized access to files on certain company servers in [its] network on two days in December 2020.”

The defendants, the case claims, “knew, or reasonably should have known” of the importance of protecting customers’ and employees’ information in addition to the “foreseeable consequences” of a data breach, including the “significant costs” that would be incurred by those affected. Nevertheless, Kemper and Infinity, the suit says, have engaged in “negligent, knowing and willful, and/or wanton and reckless” conduct with respect to proposed class members’ privacy rights.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.

This browser does not support PDFs. Please download the PDF to view it: Download PDF.
Open Document
Last Updated on September 25, 2024 — 9:55 AM

Erin Shaak

erin@classaction.org

Erin works primarily on ClassAction.org’s newswire, reporting on cases as they happen.

About ClassAction.org

ClassAction.org is a group of online professionals (designers, developers and writers) with years of experience in the legal industry.

Learn More

Before commenting, please review our comment policy.