Belden, Inc. has been hit with a proposed class action over a November 2020 data breach that reportedly compromised the information of thousands of current and former employees.
The lawsuit alleges those affected by the breach were harmed as a result of Belden’s “careless” and negligent acts and omissions that led to the incident, as well as the company’s decision to wait several weeks before sending notice of the breach.
“As a result of this delayed response, Plaintiff and Class Members had no idea their PII [personal identifiable information] had been compromised, and that they were, and continue to be, at significant risk of identity theft and various other forms of personal, social, and financial harm,” the complaint scathes.
According to the case, Belden, a leading provider of networking, connectivity and cable products, noticed some “unusual activity” on its servers on November 12, 2020. Upon investigation, the company determined that it was the target of a “sophisticated attack” by an outside party who had accessed servers containing current and former employees’ personal information, the suit says.
The compromised information, according to the complaint, included workers’ names, Social Security numbers or tax identification numbers, financial account numbers provided for direct deposit, home addresses, email addresses, dates of birth and other “general employment-related information.”
The suit adds that former and current employees of former Belden subsidiaries, such as Grass Valley USA, LLC, were also affected given the defendant still maintained their personal details.
It wasn’t until December 14, 2020 that Belden began notifying state attorneys general and affected consumers, the lawsuit says.
Per the suit, Belden failed to implement reasonable cybersecurity measures that would have been appropriate to protect the sensitive, unencrypted information despite having been warned of the risks of data breaches.
Affected individuals have been exposed to a heightened risk of identity theft and fraud as a result of the breach, the case says.
“Plaintiff’s and Class Members’ unencrypted information may end up for sale on the dark web, or simply fall into the hands of companies that will use the detailed PII [personal identifiable information] for targeted marketing without the affected current or former employees’ approval,” the complaint states. “Unauthorized individuals can easily access the PII of Belden’s current and former employees and their beneficiaries and dependents.”
The suit looks to represent anyone whose personally identifiable information was compromised in the data breach announced by Belden around November 24, 2020, as well as a proposed subclass of Illinois residents who fit the same criteria.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.