Close Close
Sign In
Newsletters
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards
Podcast Center Video Center Webcasts Resource Center Events
About ThinkAdvisor Contact Us Advertise With Us Asset & Logo Licensing Sitemap Terms of Service Privacy Policy Copyright © 2024 ALM Global, LLC. All Rights Reserved.
ThinkAdvisor
Wells Fargo branch in NY

Regulation and Compliance > Litigation

Wells Fargo Customer Sues Over Data Breach

By Dinah Wisenberg Brin

X
Your article was successfully shared with the contacts you provided.

What You Need to Know

  • The bank says a former employee accessed customer data for fraudulent purposes.
  • A customer alleges Wells Fargo was negligent, failing to adequately safeguard the information.
  • Affected customers remain in the dark about the incident, the lawsuit alleges.

A Wells Fargo customer has filed a presumptive class action lawsuit against the financial services company over a personal-data exposure disclosed to authorities last month, alleging negligence and breach of fiduciary duty, among other violations.

Tamra Bacon contends Wells Fargo failed to properly safeguard customers’ personally identifiable information in its network, including full names, addresses, phone numbers, email addresses, birth dates and numbers for driver’s licenses, bank and brokerage accounts, credit cards and Social Security.

The breach, discovered in July, occurred when, as Wells Fargo explained in a letter to customers, “a former employee accessed, and in some cases used, customer information for fraudulent purposes.”

The bank told customers their personal information was accessed between May 2022 and March 2023, that it had notified law enforcement and that it was offering identity theft protection services.

“Not until months after it claims to have discovered the data breach did (Wells Fargo) begin sending the notice” to people whose private information was potentially compromised, according to the lawsuit, filed Friday in U.S. District Court in California’s northern district.

Wells Fargo supplied the letter to customers to the Vermont attorney general’s office in September; the letter on file carries an August date. The lawsuit, however, alleges the bank waited roughly three months after discovering the breach to alert affected customers.

Bacon contends the notice lacked sufficient information on how the breach occurred, what measures have been taken to prevent further attacks and where the exposed personal information exists today.

Even today, customers “remain in the dark” about what data was stolen, the malware used and the safeguards being taken to secure their personally identifiable information in the future, the complaint alleges.

“We take our responsibility to safeguard your information very seriously. We promptly responded to this incident and have been working diligently to notify you and to assist you in protecting your information,” the institution said in the latter.

“We are continually working to improve how we protect your information. We are taking measures to monitor your account[s] for suspicious events or changes and continually review our security measures to reduce the likelihood of this happening in the future. ”

Wells Fargo representatives didn’t immediately comment Monday.

Bacon seeks injunctive relief and damages, as well as class certification covering at least thousands of similarly situated customers in the “ preventable hack.”

Photo: Bloomberg

Dinah Wisenberg Brin

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.