Jackson National Life Insurance Company Liable for 2023 Data Breach, Class Action Alleges

New to ClassAction.org? Read our Newswire Disclaimer

A proposed class action claims negligence on the part of Jackson National Life Insurance Company is to blame for a May 2023 data breach affecting potentially hundreds of thousands of individuals.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

The 54-page case says the Michigan-based insurance company discovered on May 31 of this year that personal information belonging to its current and former customers had been exposed in a cyberattack perpetrated against MOVEit, a widely used file transfer platform.

The company’s data breach notice letter revealed that between May 29 and 30, an unauthorized actor exploited a vulnerability in the MOVEit software and downloaded files containing consumers’ unencrypted data, the lawsuit relays. According to the complaint, the notice letter was sent on Jackson’s behalf by Pension Benefit Information, a third-party vendor that uses MOVEit to provide audit and address research services for the defendant.

The filing contends that the data breach, which exposed consumers’ full names, dates of birth and Social Security numbers, was the result of the company’s “reckless” failure to properly safeguard the sensitive data entrusted to it.

“[Jackson] did not use reasonable security procedures and practices appropriate to the nature of the sensitive information they were maintaining for Plaintiff and Class Members … such as encrypting the information or deleting it when it is no longer needed,” the case argues. “Moreover, [the defendant] failed to exercise due diligence in selecting its IT vendors or deciding with whom it would share sensitive [personally identifiable information].”

Given the substantial increase in cyberattacks in recent years, Jackson “knew or should have known” that its cybersecurity obligations were “particularly important,” the suit charges.

The company’s failure to comply with its legal obligation to protect consumers’ data from unauthorized disclosure has “long lasting and severe” ramifications for affected individuals, the lawsuit stresses.

“Once [personally identifiable information] is stolen––particularly Social Security numbers––fraudulent use of that information and damage to victims may continue for years,” the case says, noting that class members will be forced to pay out of pocket for necessary identity monitoring services.

The lawsuit looks to represent anyone in the United States whose personal information was impacted as a result of the data breach announced by Jackson National Life Insurance Company.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.