infosys data breach: Infosys McCamish facing fourth class action suit over 2023 data breach

Share via:


Another class action complaint was filed against Infosys McCamish Systems LLC (IMS) this month in the US District Court for the Northern District of Georgia, the company disclosed in a filing with US Securities and Exchange Commission on Wednesday night.This is the fourth class action complaint filed against the IT major’s US subsidiary since the cyber security incident on November, 2023, that exposed approximately 6.5 million individuals’ information to unauthorised access.

Elevate Your Tech Prowess with High-Value Skill Courses

Offering College Course Website
IIT Delhi Certificate Programme in Data Science & Machine Learning Visit
Indian School of Business ISB Product Management Visit
Indian School of Business Professional Certificate in Product Management Visit

“On July 8, 2024, another class action complaint arising out of the same incident was filed in the same court against McCamish. The complaint was purportedly filed on behalf of all individuals residing in the United States whose private information was accessed and/or acquired by an unauthorized party as a result of the incident,” Infosys said in the filing.

Mails seeking comment from Infosys were directed to response made during Q1 earnings where CEO Salil Parekh said “McCamish is in the process of coordinating with its clients to ensure all the notifications are provided. In addition, the U.S. State Attorney Generals and Insurance Commissioners have also been notified.”

This development comes a month after the court consolidated two previous class actions on June 4, 2024. McCamish, in coordination with its third-party eDiscovery vendor, has identified up to approximately 6.5 million individuals whose information was subject to unauthorized access and exfiltration.

In an earlier filing, the company had stated, “The information associated with each individual varies, but the data as a whole includes information such as email and mailing addresses, phone numbers, birth dates, social security numbers and other identification numbers, usernames, passwords, financial and customer account numbers, policy numbers, salaries and personal medical information.”

Discover the stories of your interest


After the cyber security breach, on March 6, 2024, a class action complaint was filed in the U.S. District Court for the Northern District of Georgia against McCamish. “The complaint was purportedly filed on behalf of all individuals within the United States whose personally identifiable information was exposed to unauthorized third parties as a result of the incident. On May 6, 2024, McCamish filed a motion to dismiss the complaint”, Infosys said in the filing.On May 15, 2024, another class action complaint arising out of the same incident was filed in the same court against McCamish.

On June 3, 2024, the plaintiffs in the two class actions filed a motion to consolidate the two cases. On June 4, 2024, the court consolidated the two class actions and closed the class action that was filed on May 15, 2024.

Plaintiff’s complaints

As per the court document seen by ET, the plaintiff complained that he was a participant in a deferred compensation plan serviced by Bank of America.

“As a result, Plaintiff was injured in the form of lost time dealing with the consequences of the Data Breach, which included and continues to include: time spent verifying the legitimacy and impact of the Data Breach; time spent exploring credit monitoring and identity theft insurance options; time spent self-monitoring their accounts with heightened scrutiny and time spent seeking legal counsel regarding their options for remedying and/or mitigating the effects of the Data Breach.”

The complaint added, “Plaintiff was also injured by the material risk to future harm they suffer based on defendant’s breach; this risk is imminent and substantial because plaintiff’s data has been exposed in the breach, the data involved, including Social Security numbers, is highly sensitive and presents a high risk of identity theft or fraud; and it is likely, given defendant’s clientele, that some of the class’s information that has been exposed has already been misused.”

“Indeed, about two months ago, an unknown and unauthorized actor made a series of fraudulent attempts on the plaintiff’s Bank of America VISA card for purchases of $1200-$1500 from Zales.com. Plaintiff was required to receive a new VISA card, and additionally had to reset several automatic billing cycles in response.”



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

infosys data breach: Infosys McCamish facing fourth class action suit over 2023 data breach


Another class action complaint was filed against Infosys McCamish Systems LLC (IMS) this month in the US District Court for the Northern District of Georgia, the company disclosed in a filing with US Securities and Exchange Commission on Wednesday night.This is the fourth class action complaint filed against the IT major’s US subsidiary since the cyber security incident on November, 2023, that exposed approximately 6.5 million individuals’ information to unauthorised access.

Elevate Your Tech Prowess with High-Value Skill Courses

Offering College Course Website
IIT Delhi Certificate Programme in Data Science & Machine Learning Visit
Indian School of Business ISB Product Management Visit
Indian School of Business Professional Certificate in Product Management Visit

“On July 8, 2024, another class action complaint arising out of the same incident was filed in the same court against McCamish. The complaint was purportedly filed on behalf of all individuals residing in the United States whose private information was accessed and/or acquired by an unauthorized party as a result of the incident,” Infosys said in the filing.

Mails seeking comment from Infosys were directed to response made during Q1 earnings where CEO Salil Parekh said “McCamish is in the process of coordinating with its clients to ensure all the notifications are provided. In addition, the U.S. State Attorney Generals and Insurance Commissioners have also been notified.”

This development comes a month after the court consolidated two previous class actions on June 4, 2024. McCamish, in coordination with its third-party eDiscovery vendor, has identified up to approximately 6.5 million individuals whose information was subject to unauthorized access and exfiltration.

In an earlier filing, the company had stated, “The information associated with each individual varies, but the data as a whole includes information such as email and mailing addresses, phone numbers, birth dates, social security numbers and other identification numbers, usernames, passwords, financial and customer account numbers, policy numbers, salaries and personal medical information.”

Discover the stories of your interest


After the cyber security breach, on March 6, 2024, a class action complaint was filed in the U.S. District Court for the Northern District of Georgia against McCamish. “The complaint was purportedly filed on behalf of all individuals within the United States whose personally identifiable information was exposed to unauthorized third parties as a result of the incident. On May 6, 2024, McCamish filed a motion to dismiss the complaint”, Infosys said in the filing.On May 15, 2024, another class action complaint arising out of the same incident was filed in the same court against McCamish.

On June 3, 2024, the plaintiffs in the two class actions filed a motion to consolidate the two cases. On June 4, 2024, the court consolidated the two class actions and closed the class action that was filed on May 15, 2024.

Plaintiff’s complaints

As per the court document seen by ET, the plaintiff complained that he was a participant in a deferred compensation plan serviced by Bank of America.

“As a result, Plaintiff was injured in the form of lost time dealing with the consequences of the Data Breach, which included and continues to include: time spent verifying the legitimacy and impact of the Data Breach; time spent exploring credit monitoring and identity theft insurance options; time spent self-monitoring their accounts with heightened scrutiny and time spent seeking legal counsel regarding their options for remedying and/or mitigating the effects of the Data Breach.”

The complaint added, “Plaintiff was also injured by the material risk to future harm they suffer based on defendant’s breach; this risk is imminent and substantial because plaintiff’s data has been exposed in the breach, the data involved, including Social Security numbers, is highly sensitive and presents a high risk of identity theft or fraud; and it is likely, given defendant’s clientele, that some of the class’s information that has been exposed has already been misused.”

“Indeed, about two months ago, an unknown and unauthorized actor made a series of fraudulent attempts on the plaintiff’s Bank of America VISA card for purchases of $1200-$1500 from Zales.com. Plaintiff was required to receive a new VISA card, and additionally had to reset several automatic billing cycles in response.”



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

OpenAI’s o3 suggests AI models are scaling in new...

Last month, AI founders and investors told TechCrunch...

The FTC orders Marriott and Starwood to beef up...

The Federal Trade Commission announced on Friday it...

Aave mulls Chainlink integration to return MEV fees to...

The DeFi protocol aims to capture around 40%...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!