Wells Fargo Customer Sues Over Data Breach

A Wells Fargo customer has filed a presumptive class action lawsuit against the financial services company over a personal-data exposure disclosed to authorities last month, alleging negligence and breach of fiduciary duty, among other violations.

Tamra Bacon contends Wells Fargo failed to properly safeguard customers’ personally identifiable information in its network, including full names, addresses, phone numbers, email addresses, birth dates and numbers for driver’s licenses, bank and brokerage accounts, credit cards and Social Security.

The breach, discovered in July, occurred when, as Wells Fargo explained in a letter to customers, “a former employee accessed, and in some cases used, customer information for fraudulent purposes.”

The bank told customers their personal information was accessed between May 2022 and March 2023, that it had notified law enforcement and that it was offering identity theft protection services.

“Not until months after it claims to have discovered the data breach did (Wells Fargo) begin sending the notice” to people whose private information was potentially compromised, according to the lawsuit, filed Friday in U.S. District Court in California’s northern district.

Wells Fargo supplied the letter to customers to the Vermont attorney general’s office in September; the letter on file carries an August date. The lawsuit, however, alleges the bank waited roughly three months after discovering the breach to alert affected customers.

Bacon contends the notice lacked sufficient information on how the breach occurred, what measures have been taken to prevent further attacks and where the exposed personal information exists today.

Even today, customers “remain in the dark” about what data was stolen, the malware used and the safeguards being taken to secure their personally identifiable information in the future, the complaint alleges.

“We take our responsibility to safeguard your information very seriously. We promptly responded to this incident and have been working diligently to notify you and to assist you in protecting your information,” the institution said in the latter.

“We are continually working to improve how we protect your information. We are taking measures to monitor your account[s] for suspicious events or changes and continually review our security measures to reduce the likelihood of this happening in the future. ”

Wells Fargo representatives didn’t immediately comment Monday.

Bacon seeks injunctive relief and damages, as well as class certification covering at least thousands of similarly situated customers in the “ preventable hack.”

Photo: Bloomberg