Precious-metal refiner Elemetal LLC’s failure to implement cybersecurity protections violated California laws and led to a 2023 breach that leaked more than 10,000 customers’ data, a proposed class action said.
Texas-based Elemetal didn’t follow industry standards for cybersecurity, such as encrypting personally identifying information or deleting it once it’s no longer needed, according to a complaint filed Thursday in the US District Court for the Northern District of Texas.
The complaint claims that Elemetal’s lack of security protocols and failure to timely notify customers of the breach violated California’s Unfair Competition Law and the California Consumer Privacy Act.
These vulnerabilities ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.