BreachExchange mailing list archives
Settlement OK’d over hacking into financial firm
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Fri, 13 Nov 2009 00:45:31 -0500
Settlement OK’d over hacking into financial firm http://billingsgazette.com/news/local/crime-and-courts/article_6341f994-d00d-11de-bfda-001cc4c03286.html A federal judge approved a settlement Thursday in a class action lawsuit against D.A. Davidson & Co. over clients’ information that was compromised by a computer hacker almost two years ago. Chief U.S. District Judge Richard Cebull called the agreement “fair and reasonable.” The settlement could affect 226,000 current and former customers; about 90,000 of them are Montana residents. The civil settlement makes available $1 million to class members for reimbursement if they suffer losses through identity theft. The agreement also gives class members until June 2011 to file a claim for losses. “This case was about peace of mind,” said John Heenan, a Billings attorney who represented the plaintiffs. Now investors know money is available if they have expenses or losses, he said. D.A. Davidson’s attorney, Jim Goetz of Bozeman, said the company is pleased with the agreement. The company took immediate steps to protect its customers after learning of the security breach by providing on its own two years of credit protection monitoring, he said. So far, there has been no evidence of losses from identity theft. “This is insurance just in case,” Goetz said. On Dec. 20, 2007, a D.A. Davidson database of confidential personal and financial information of current and former clients was hacked using sophisticated techniques. The company learned of the problem on Jan. 16, 2008, immediately contacted law enforcement and other regulators and hired a forensic security consultant to investigate. The hacker did not gain access to the company’s operating systems or account information, and no trading accounts were affected. The settlement is the result of more than a year of negotiations between parties after lawsuits were filed. The parties reached a preliminary agreement in August. A few class members objected to the proposed settlement, but only one of the objections was determined to be substantial. In a mediation session on Tuesday before U.S. Magistrate Judge Carolyn Ostby, the problems were resolved. At the request of the plaintiffs, the deadline for filing a claim was extended. [..] Reference: http://datalossdb.org/incidents/899-hacked-database-contains-names-social-security-numbers-and-account-information-for-226-000 _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Settlement OK’d over hacking into financial firm Jake Kouns (Nov 13)