Moving services provider Sirva Relocation LLC was hit with a proposed class action accusing it of insufficient security practices after a 2023 cyber attack exposed the financial, medical, and personal information of at least 480,000 individuals.
The cybercriminal group LockBit targeted Sirva between September and October 2023 and exfiltrated 1.5 terabytes worth of files, according to a complaint filed Wednesday in the US District Court for the Central District of California. Sirva failed to implement and maintain reasonable security practices—such as encrypting consumer personal data—violating the California Consumer Privacy Act, the complaint said.
The information stolen included names, Social Security ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.