Samsung facing class action alleging CCPA violations over data breaches
By 
Adrianne Appel2022-10-03T21:09:00
Samsung collected too much personal data from customers and failed to adequately secure it, leading to two data breaches this year and potentially millions of harmed individuals, a class-action lawsuit filed in September alleges.
The complaint, filed in U.S. District Court for the Northern District of California, claims Samsung violated the California Consumer Privacy Act (CCPA) by failing to protect the personally identifiable information (PII) of California residents. The lawsuit’s two plaintiffs, on behalf of the class, question whether Samsung “implemented and maintained reasonable security procedures and practices appropriate to the nature of the information to protect the PII under the CCPA.”
The lawsuit also alleges violations of the Michigan Identify Theft Protection Act for Samsung failing to timely disclose the second of the two breaches it suffered this year.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefCalifornia AG launches CCPA violation sweep against mobile apps
The California attorney general announced his office notified an unspecified number of businesses with mobile apps they are failing to comply with the California Consumer Privacy Act.
-
ArticleUber CSO ruling fallout: Individual liability extends to data breach response
The case of the Uber chief security officer found guilty by a jury on two felonies for covering up a data breach and misleading federal regulators opens up another potential individual liability issue executives handling cyber incidents face, according to legal experts.
-
ArticleOptus data breach fallout shows widespread impact of cybercrime
Optus isn’t alone in trying to calm public nerves and find out what happened to cause a breach that exposed the records of 9.8 million current and former customers. Australian government agencies are also attempting to fight fires and reassure citizens their personal info is safe.
More from Cybersecurity
-
News BriefU.K. says company boards need to worry more about cybersecurity risks
The U.K. government wants directors and boards of directors to become more actively involved in cybersecurity risks facing public and private companies, as the world faces “alarming” threats from criminal gangs and malicious nation-states. Though many organizations take cybersecurity seriously, the U.K. government says they do not place management of ...
-
PremiumNavigating compliance: A guide for small teams to tackle CMMC
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.
-
PremiumFinancial crime in the shadows of the dark web
The dark web has been depicted as a long-standing hub for crimes, where illegal activities such as drug dealing, financial fraud, weapon sales, murder for hire, stolen credit cards, and ransomware gags are easily accessible to the public.