Employees and customers of David’s Bridal Inc. hit the bridal shop with two proposed class actions Saturday over the company’s alleged failure to protect personally identifiable information after two subsequent data breaches.
The bridal and occasion store was attacked by ransomware group LockBit 3.0 in January 2024, according to both complaints filed in the US District Court for the Eastern District of Pennsylvania. “Instead of remedying its deficient cybersecurity practices following LockBit’s theft of” personal information, the complaints say, David’s Bridal “did nothing” and suffered a second attack from another ransomware group, WereWolves, in February 2024.
David’s Bridal—which has 300 ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.