A North Carolina-based bank is facing a proposed class-action lawsuit over a data breach that has allegedly placed customers at serious risk of fraud and identity theft.
The plaintiff accuses Truist Bank of failing to secure and safeguard its customers’ sensitive information properly, following a security incident that exposed confidential data of account holders.
A few weeks ago, Truist Bank confirmed that its security systems were compromised in October after a notorious hacker claimed that it was selling data from the bank containing 65,000 account holders’ names, bank account numbers, transaction history and balances for a fee of $1 million.
The bank said an unspecified but limited number of clients were affected.
The lawsuit alleges that Truist Bank was negligent and the attack was “foreseeable and preventable,” saying the lender “intentionally, willfully, recklessly” failed to establish adequate measures to protect its systems against unauthorized access.
“Defendant could have prevented this Data Breach by, among other things, properly encrypting or otherwise protecting their equipment and computer files containing PII (personally identifying information).”
The plaintiff says that victims of the data breach are vulnerable to a variety financial crimes including fraud and identity theft. They may also bear out of pocket costs to purchase credit monitoring services and other defensive measures to shield their accounts against bad actors.
The class-action lawsuit is seeking for an injunction that compels the bank to undergo a comprehensive revamp of its cybersecurity program. The plaintiff is also asking the court to order Truist Bank to pay for punitive damages and litigation costs as allowed by law.
Truist Bank is the eighth-largest commercial bank in the US with $526.714 billion in consolidated assets, according to Federal Reserve data.
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inboxGenerated Image: Midjourney