A civil lawsuit filed Thursday in the Northern District of Illinois has targeted Samsung Electronics America Inc. for a data breach that occurred in late July and disclosed an undetermined number of personal identifying information of electronic customers, including including their demographics, date of birth, and product registration details. The filing says the national group has an interest in recouping the time and money spent mitigating their damages and ensuring their personal information is protected from further breaches.
The lawsuit explained that in early September, customers were notified of the breach. Specifically, Samsung said an unauthorized third party acquired information from some of Samsung’s US systems containing personal information. The company offered what it said customers were entitled to under US law, one free credit report per year from each of the three major national credit reporting agencies.
The plaintiffs, owners of Samsung smartphones, claim that Samsung did not do enough to protect their information. Specifically, the lawsuit accuses the electronics maker of failings, including the inability to block inbound and outbound internet, email and network traffic to foreign countries, maintain a secure firewall, monitor traffic suspicious or irregular to servers, suspicious credentials used to access servers, and for suspicious or unknown users.
The complaint argued that the exposed information is valuable to criminals and that repair will require time and attention from members of the group. Among the tasks listed, the filing says affected customers will need to spend time investigating and remediating accusations of fraudulent activity, purchasing credit monitoring and preventing identity theft, and potentially spending time and money to the fight against identity theft.
The record shows claims for negligence, negligence per se, and breach of implied contract. Plaintiffs are represented by Zimmerman Law Offices PC and DannLaw.