SAN JOSE – A lawsuit filed May 10 in U.S. District Court for the Northern District of California alleges that Best Buy and Delta Airlines failed to secure sensitive customer information when customers used the companies online support and sales systems.
Michael Ford and Rudolph Dubrovszky filed the class action against 24/7 Inc., Best Buy Co. Inc. and Delta Airlines Inc. for failing to protect and timely notify customers of a data breach that occurred when customers used the companies’ online support that is provided by 24/7 Inc.
The firm is a software and services company that provides services to both Delta and Best Buy, including “sales and service-oriented software, as well as voice and chat agent services.” The complaint states that Delta and Best Buy informed customers in early April that those who used the companies’ chat services during September and October were subject to a data breach that included customer payment and identification information.
The complaint states that the defendants should and could have prevented the data breach by implementing newer and safer technology, but did not. The plaintiffs claim the companies did not alert customers until six months after the alleged breach, allowing more problems to arise.
According to court documents, customers have suffered identity theft, stolen personal and financial information, costs from unauthorized use on their credit cards and costs to monitor and fix the problem, “damages arising from the inability to use their debit or credit card accounts because their accounts were suspended or otherwise rendered unusable as a result of fraudulent charges," and “finding fraudulent charges, cancelling and reissuing cards, purchasing credit monitoring and identity theft protection services, imposition of withdrawal and purchase limits on compromised accounts, and the stress, nuisance and annoyance of dealing with all issues resulting from the Data Breach.”
The plaintiffs claim they would not have continued to patronize Best Buy and Delta had they known about the data breach and will continue to suffer harm from having their information stolen or potentially stolen.
The plaintiffs are requesting to certify their lawsuit as a class action seek a trial by jury. The plaintiffs seek statutory, compensatory, consequential, and/or nominal damages, penalties, court costs, and an order for the defendants to implement stronger cyber security and to provide the plaintiffs with credit monitoring services.
U.S. District Court for the Northern District of California, case number 5:18-cv-02770-NC