Consolidated Data Breach Suit vs. Dish Adds Alleged Va., Wis. Violations
A consolidated class action complaint (docket 1:23-cv-01168), filed Thursday in U.S. District Court for Colorado in Denver over Dish Network’s February data breach, added violations of Virginia and Wisconsin state laws to negligence, breach of contract, unjust enrichment and violations of the FTC Act and North Carolina Deceptive Trade Practices Act.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
The May suit, brought by Susan Owen-Brooks of North Carolina has grown to 13 plaintiffs, whom Dish informed that their private information was compromised in the breach. Plaintiffs assert the breach could have been prevented if Dish had “properly monitored its networks.” The consolidated complaint was amended to include privacy violations of the Health Insurance Portability and Accountability Act, along with the FTC Act, under the negligence per se claim.
Class members added as plaintiffs to the action are Dish employees Suzanne Cook and Crystal Bane, both residents of Florida, and Michael Cardenas of Tennessee; Jada Looney of Kansas, who brought the action on behalf of herself and her three minor children and whose husband is a former Dish employee; former Dish employees Rebecca Dougherty and Daniel Clark, both of Colorado, David Abraham of Wyoming, John Cruse of Tennessee, Laina Jenkins of West Virginia and Christie Turley of Illinois; and Dish customers Kimberley Sandretto of Wisconsin and Laura Vest of Virginia.
Consequences plaintiffs have suffered as a result of the data breach include an increase in spam calls and emails, time spent on placing credit freezes and managing financial accounts, increased risk of identity theft and feelings of anxiety and helplessness associated with the fear of identity theft.
Cardenas was the victim of fraud when he began receiving letters from lending institutions saying unknown individuals had been applying for car loans using his information; his bank notified him that an unknown individual charged $125 to his debit card in another state in August, the complaint said. An unknown individual tried to obtain unemployment benefits using plaintiff Clark’s information, and an individual tried to buy items using his credit card, the complaint said. Clark’s password manager told him his personal information was found on the dark web.
Cruse said he was denied a new job during a security clearance because his information was found on the dark web, the complaint said. Unknown persons tried to sign up for investment and bank accounts using Jenkins’ information, and she had nine credit inquiries on her credit report for lines of credit she never opened; her information was also found on the dark web, it said.
Turley receives multiple calls a day alerting her to compromises of her credit card and preapproved loans she didn’t apply for, it said. Vest has had three unauthorized “hard inquiries” on her credit report, had $50 transferred from her PayPal account without her authorization and was informed through her credit monitoring account that her personal information “is now for sale on the dark web,” it said. Looney had unauthorized inquiries on her and her husband’s credit reports, it said.