USAA Data Breach Lawsuit Claims ‘System Error’ Exposed Info of 32K Customers in April 2024

New to ClassAction.org? Read our Newswire Disclaimer

United Services Automobile Association (USAA) faces a proposed class action lawsuit over an apparent “system error” that may have impacted the personal information of approximately 32,000 customers in April 2024.

Get the latest open class action lawsuits sent to your inbox. Sign up for ClassAction.org’s free weekly newsletter.

According to the USAA data breach notice letter, the company learned on April 30 that a “system error” during a routine update to its document delivery system caused certain documents belonging to members with property and casualty insurance to be posted to another insured’s online account. The notice letter states that although USAA corrected the error and removed the inadvertently posted documents, a subsequent investigation determined that personal data belonging to current and former USAA customers may have been disclosed to other members.

The 62-page USAA lawsuit relays that the data breach may have compromised consumers’ names, addresses, email addresses, dates of birth, Social Security numbers, driver's license numbers, passport numbers, vehicle identification numbers, property and casualty insurance policy details, loan numbers and medical information.

The case contends that negligence on USAA’s part is to blame for the incident, which, according to the complaint, has exposed customers to a significant risk of fraud and identity theft.

Indeed, the plaintiff, a USAA member residing in Texas, was informed by his banking and personal finance companies that his private data had been posted on the dark web, the filing shares. In addition, approximately $950 was fraudulently charged to the man’s American Express card in August 2024, which he believes was caused by the data breach, the class action suit says.

The lawsuit against USAA alleges that the company failed to timely notify victims that their sensitive information may have been exposed. Although USAA discovered the system error in April 2024, it waited until late August of this year to begin issuing notice letters, the case points out.

The complaint also charges that USAA’s notice letter lacked crucial details about the incident, without which victims’ ability to limit the consequences of the breach is severely reduced.

The lawsuit looks to represent anyone in the United States whose private information was accessed and/or acquired by an unauthorized third party as a result of the data breach reported by the defendant in August 2024.

Check out ClassAction.org’s lawsuit list for the latest open class action lawsuits and investigations.