in Newswire Published on June 24, 2022

Meyer Corporation Facing Class Action Over October 2021 Data Breach

Brasch v. Meyer Corporation, U.S.

Filed: June 16, 2022 ◆§ 3:22-cv-03570

Meyer Corporation faces a lawsuit over a data breach in which the personal information of at least 2,747 current and former employees was reportedly compromised.

Defendant(s)

Meyer Corporation, U.S.

Law(s)

California Unfair Competition Law California Consumer Privacy Act California Consumer Records Act

State(s)

California

Categories

Privacy Data Breach

Meyer Corporation faces a proposed class action lawsuit over an October 2021 data breach in which the personal information of at least 2,747 current and former employees was reportedly compromised.

The 21-page case alleges the cookware manufacturer failed to adequately safeguard employees’ information and train workers on reasonable cybersecurity protocols. Moreover, the lawsuit claims that Meyer waited nearly four months after discovering the breach to notify those whose information was affected.

In the meantime, cybercriminals publicly claimed responsibility for the incident and even published some of the data “to prove what they had done,” the suit relays.

The case says the information exposed during the Meyer data breach included current and former employees’ names; addresses; dates of birth; gender and race details; Social Security and driver’s license numbers; medical information, including conditions, prior drug tests, and COVID vaccination cards and statuses; immigration status; and dependents’ personal information.

According to the suit, Meyer discovered around October 25, 2021 that cybercriminals had accessed its systems and impacted the company’s operations. Per the case, it is not known how long employees’ personal information was exposed before the breach was detected.

In early November 2021, a cybercriminal syndicate known as the Conti ransomware group, the complaint states, publicly claimed responsibility for the breach and published at least two percent of the stolen data online.

The lawsuit says that Meyer finished its investigation into the incident by early December yet waited until February 15, 2022 to notify those whose information was compromised.

Per the case, the data breach notice sent to victims “revealed little” about the incident and misleadingly informed employees that Meyer had “no evidence that [their] specific information was actually accessed or impacted,” even though the Conti group had already published some of the data.

“Meyer’s Breach Notice does not explain how the hack happened, why it took so long for Meyer to discover it, that cybercriminals have posted employee [personally identifiable information] online, what exactly cybercriminals stole, and why it took Meyer nearly 4 months to disclose the breach in a bare-bones notice,” the complaint scathes.

The suit takes further issue with Meyer’s offer of 24 months of free credit monitoring, arguing that it “fails to adequately address the lifelong threat the Data Breach poses to impacted employees.”

The lawsuit looks to represent California residents whose personally identifiable information was compromised in the data breach disclosed by Meyer in February 2022.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.

Case Spotlight

Video Game Addiction Lawsuits

If your child suffers from video game addiction — including Fortnite addiction or Roblox addiction — you may be able to take legal action. Gamers 18 to 22 may also qualify.

Learn more:Video Game Addiction Lawsuit

Depo-Provera Lawsuits

Anyone who received Depo-Provera or Depo-Provera SubQ injections and has been diagnosed with meningioma, a type of brain tumor, may be able to take legal action.

How Do I Join a Class Action Lawsuit?

Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?

Read more here: How Do I Join a Class Action Lawsuit?