- New York Attorney General filed a lawsuit against Allstate for two data violations
- The demand says that the company did not notify the customers and the government of the attacks.
- Allstate denied having bad and saying that he addressed the problem correctly
The US insurance giant. Allstate has been beaten with a lawsuit for allegedly losing confidential data of customers and not notifying victims about what had happened.
The state of New York has sued the National General Unit of Allstate, with the Attorney General Letitia James presenting the lawsuit in a state court in Manhattan, claiming that the company’s lax security practices resulted in two data violations, one in 2020 and another in 2021, which were not even informed until the lawsuit. The first violation, which occurred between August and November 2020, apparently affected 12,000 people (9,100 New York). The National General did not detect the attack for two months, and never notified the affected clients, or the state agencies of the attack.
The second attack, which occurred in February 2021, affected 187,000 additional customers (155,000 New Yorkers), and occurred after Allstate acquired the National General in January 2021 for approximately $ 4 billion.
Violating the law of Hacks Stop Hacks
These two attacks, and the way in which Allstate (could not) approached them, violate the state stop tricks and improve the electronic data security law, James argued. In addition, the company violated state consumer protection laws, cheating its clients about their data security practices.
Now, James looks for civil files of $ 5,000 for rape, plus other remedies, PakGazette added.
“The weak cybersecurity of National General emboldened the computer pirates to steal the personal data of New Yorkers, not one but twice,” James said. “It is crucial that companies take cyber security to protect consumers from fraud and identity theft.”
In his statement, Allstate denied all irregularities and claimed to have approached the incidents in a timely and adequate way.
“We solved this problem years ago, quickly ensuring our systems after finding vulnerabilities in online summons that could have exposed driver license numbers,” he said. “We immediately notify regulators, we contact potentially affected consumers and offer free credit monitoring as caution.”
Through PakGazette
