Fidelity Sued Over Data Breach Affecting 77,000 Clients

Two customers have filed a proposed class-action lawsuit against Fidelity Investments over an August data breach, alleging negligence and invasion of privacy.

The Boston-based asset manager disclosed last week that a hacker had set up two accounts and used them to obtain personal information for nearly 77,100 clients.

In a lawsuit filed later last week in U.S. District Court in Massachusetts, Yaakov and Seth Gluck, who live in Spring Valley, New York, alleged the hacker took Social Security numbers, financial information, names, numbers and addresses.

Thanks to Fidelity’s “failure to protect the breach victims’ personal information, cyber criminals were able to steal everything they could possibly need to commit nearly every conceivable form of identity theft and wreak havoc on the financial and personal lives of potentially millions of individuals,” the complaint contends.

Fidelity harmed the plaintiffs by “failing to implement adequate and reasonable measures to ensure their computer systems were protected,” and by failing to take adequate steps to prevent and stop the breach, to timely detect it and to honor promises to protect clients’ personal information, the Glucks allege.

The lawsuit, which also contends Fidelity didn’t notify customers in a timely fashion, seeks various damages and injunctive relief.

A Fidelity representative didn’t immediately respond to an emailed request for comment.

The company has said it wasn’t aware of any misuse of customers’ personal information but arranged for affected clients to enroll for free in a credit monitoring and identity restoration service for 24 months. The affected clients account for fewer than 0.15% of Fidelity customers, according to the financial services behemoth.

Citywire reported on the lawsuit earlier Monday.

Image: Shutterstock