Aptos, Inc. and Tempur Sealy International, Inc. have been named as defendants in a proposed class action that claims the companies’ negligence put their customers at risk of identity theft. The suit says that in November 2016, Aptos discovered its security systems had been breached and the personal financial information of an undisclosed number of customers had been compromised. Instead of immediately warning its clients, such as Tempur Sealy, Aptos supposedly waited until February 5, 2017, to disclose the breach. Then, the lawsuit continues, Tempur Sealy stood by for another two months – until April 4 – before finally warning its own customers that their private information may have been stolen.
The lawsuit argues that the defendants’ failure to “abide by best practices and industry standards” in their security systems put customers’ information at risk and allowed it to be compromised. On top of that, the case takes issue with defendants’ supposed decision to then delay notifying the public of the breach, which essentially robbed them of an opportunity to mitigate or avoid losses. Had the companies warned customers “in a timely manner,” they may have been able to prevent some or all of the consequences of identity theft, the suit says.
The two plaintiffs, who say they made purchases from Tempur Sealy in 2016, reportedly inspected their credit card accounts after they learned of the security breach and found various fraudulent charges. One of the plaintiffs says his bank reimbursed him for some, but not all, of the charges. Both men attest that they were forced to spend time and energy attempting to mitigate the alleged damage.