Attorneys in a class-action lawsuit against three of California’s largest workers’ compensation insurance companies, including
Berkshire Hathaway, are fighting a proposed dismissal of their case by claiming evidence is too devastating to warrant the action.
The suit, filed in April, accuses Berkshire Hathaway Homestate, Zenith Insurance and Cypress Insurance of hacking into California attorney databases and stealing roughly 33,000 workers’ compensation files containing personal information related to a series of cases.
Insurers filed a motion to dismiss the case in June, saying lead plaintiff Adela Gonzalez lacks standing as she cannot identify how she was harmed or aggrieved by the alleged incident under federal and state privacy laws.
But Gonzalez and others struck back Monday, citing the fact that an insurance investigator associated with Berkshire admitted to taking the files, and that the insurer was caught using the information in separate litigation. By hacking into the servers of HQ Sign-Up Services, the platform used by law firm Reyes & Barsoum, Berkshire and the other insurers violated the Stored Communications Act and Computer Fraud and Abuse Act.
“The statutes identified [in the complaint] were enacted and intended to protect the public’s right to privacy in their electronic communications,” Gonzalez wrote in Monday’s action. “Violations of those statutes based on the unlawful data breaches involving personal and confidential data confers standing, therefore, even in the absence of a showing of tangible harm.”
The hacking incident allegedly took place when insurance investigators William Reynolds and Oliver Glover broke into the law firm’s data base on behalf of Zenith and Berkshire. It is said to have taken place over several years, directed by the insurers, in order to access attorney-client privileged documents to gain an advantage in litigation.
It was discovered in April 2014 when an in-chambers meeting during a workers’ compensation case between Berkshire’s attorney and lawyers for the plaintiff. Berkshire’s attorney was caught “red-handed” with the plaintiff’s private files, the complaint states.
Reynolds admitted to the California Workers’ Compensation Appeals Board his role in the hacking scheme, though Berkshire has argued he was not working for the company at the time of the breach. Gonzalez, however, suggests a direct link between the two, pointing in part to his status as a Berkshire employee through LinkedIn.
Berkshire’s acceptance of Reynolds’ stolen information also suggests complicity, she argues.
“While defendants argue that they are ‘strangers’ to plaintiff’s workers’ compensation proceeding in which the hacking was discovered, it is still undisputed that defendants accessed downloaded plaintiff’s In-Take packet, containing confidential and privileged information,” Gonzalez wrote, referring to the file. “[It] is ‘fairly traceable’ to defendants.”
Though pointing out that tangible harm is not required for the suit to go forward, Gonzalez suggests that the public exposure of her information – including attorney communications – caused her harm due to the information’s lost value.
Related stories:
Workers’ comp scammer told to repay $25,000
Supreme Court asked to review state’s workers’ comp system
