Wacks Law Group Failed to Protect Private Data from Hackers, Class Action Claims

New to ClassAction.org? Read our Newswire Disclaimer

The Wacks Law Group (WLG) has been hit with a proposed class action lawsuit over a cyberattack reportedly discovered by the firm in March 2024.

Get the latest open class action lawsuits sent to your inbox. Sign up for ClassAction.org’s free weekly newsletter.

According to the 65-page data breach lawsuit, the New Jersey-based law firm fell victim to a ransomware attack in which an unauthorized third party gained access to certain personal information stored in the firm’s network environment. The case relays that the unauthorized intrusion, which WLG apparently detected on March 9, 2024, compromised names, Social Security numbers and driver’s license numbers, though the full extent of the data breach remains unknown, the filing says.

Per the suit, a ransomware gang known as Qilin reportedly claimed responsibility for the cyberattack, and announced on the dark web that the group had exfiltrated confidential documents and non-disclosure agreements in addition to personally identifiable information.

The complaint charges that WLG was legally obligated to protect the private data in its care from falling into the hands of cyberthieves. However, despite this duty, the firm failed to implement adequate cybersecurity protocols, and stored the highly sensitive information unencrypted in its computer network, the filing contends.

As a result of WLG’s alleged negligence, cybercriminals now have “everything they need to commit identity theft and wreak havoc on the financial and personal lives” of data breach victims, the class action lawsuit argues.

To make matters worse, although the law firm purports to have discovered the incident in March 2024, WLG “inexplicably delayed” notifying impacted individuals until August, the suit asserts. The months-long delay has given data thieves a “head-start” in misusing and disseminating the stolen information, the case claims.

The complaint also takes issue with WLG’s offer to victims of 12 months of complimentary credit monitoring services. The filing contests that the “token gesture” is “woefully inadequate” given that affected individuals will be at an ongoing risk of being targeted for cybercrimes for the rest of their lives.

The Wacks Law Group lawsuit looks to represent anyone in the United States who was a victim of the data breach, including anyone sent a notice letter from the firm.

Check our list of rebates and settlements to see if you’re covered by an open class action settlement.