North American IT company Presidio faces a proposed data breach class action by an employee for an incident involving employee data. Eric LaPrairie, a former Presidio employee, received a notice of a data breach from Presidio, and about a month later found out that he was the victim of a SIM swap (a technique in which a hacker uses personal information to swap someone’s telephone number onto a new phone). After the SIM swap, LaPrairie claims the hacker was able to reset some of LaPrairie’s online passwords and attempted to gain access to his bank accounts and other accounts storing personal documents.
LaPrairie claims that he spent between 15-20 hours working with his mobile carrier to correct the problem and updating his online account security.
On March 5, 2020, a hacker accessed Presidio’s servers and the personal information of 3,324 current or former employees, including their names, Social Security numbers, employment information, and tax information. The affected employees received notices about the breach in April 2020. Presidio offered either 12 or 24 months of credit monitoring services to all individuals who were affected.
LaPrairie seeks to represent a nationwide class of all current and former employees in a data breach class action and claims negligence, breach of contract, unjust enrichment, and violations of several state laws. LaPrairie is seeking damages, attorneys’ fees, and costs, and for a requirement that Presidio bolster its security measures.