This class action lawsuit is brought by Plaintiff who had his personal identifying and financial information (“PII”) accessed, stolen, and used without his authorization, and because of the negligence, breaches of statutory, common law and contractual duties, and other acts and omissions described herein on the part of the Defendants, he suffered actual harm and monetary damages.
Plaintiff brings this case as a class action on behalf of himself and the more than 70,000 people who have had their personal identifying, motor vehicle, and financial information accessed without their authorization and used illegally as a result of the acts and failures to act of the Defendants. The case seeks to remedy the harmful effects of the breach of their privacy interests, failure to timely and reasonably notify Plaintiff and the Class of the breach in accordance with the laws of most states.
As alleged, over a six-year period, from 2007 through 2013, approximately fifty-five (55) laptop computers were stolen from Coca-Cola Enterprises (“CCE”), the Coca-Cola Company’s (“Coke”) largest United States bottler, which Coke acquired in 2010. Coke recovered certain of these laptops from the thieves during November and December of 2013.
During the period from at least July 2007 through the present (hereinafter the “relevant time period”), the exact dates of which are unknown by the Plaintiff or any member of the Class at this time, the Defendants caused personal identifying, motor vehicle, and financial information about Plaintiff and the Class to be accessed, collected, downloaded, saved, distributed, transferred and used by various individuals and entities without knowledge or consent of Plaintiff and the Class. The corporate Defendants then failed to timely and reasonably notify Plaintiff and the Class of such unauthorized access and breach of their privacy interests.
Moreover, the notice that was finally sent months later was materially false and misleading as to the nature and scope of the breach (that was fully known by Defendants at the time).
The complaint contends that Defendants deliberately delayed in notifying Plaintiff of the breach. Had the Coke Defendants provided notice of the breach in accordance with the data breach notification laws of Pennsylvania and the other states in which the members of the Class reside, Plaintiff and the Class could have and would have taken steps to protect themselves. Instead, for reasons unknown to Plaintiff and the Class, but unrelated to any requirements of law enforcement, the Defendants chose to wait on until the earliest date of January 24, 2014 to inform people, by mail, about the incident.
The case seeks to remedy the harmful effects of the breach of the privacy interests of Plaintiff and the Class, the failure to timely and reasonably notify them of such breach in accordance with the law, and the misleading and deceptive notification sent on January 24, 2014. In addition, Plaintiff and the Class seek restitution, disgorgement, and remediation for the actual damages sustained as a result of the unlawful taking, disclosure, and use of their PII.
Complaint: Coca Cola 11-18-14