GEICO to face class action over allegations of privacy breach

Plaintiffs say the insurance giant failed to secure their data

GEICO to face class action over allegations of privacy breach

Insurance News

By Mika Pangilinan

GEICO is set to confront a nationwide class action lawsuit after allegedly compromising its customers’ privacy through the unauthorized release of their driver's license numbers that were later used by identity thieves to secure fraudulent unemployment benefits.

US District Judge Kiyo Matsumoto delivered the decision to proceed with the lawsuit in Brooklyn earlier this week, Reuters reported, upholding a magistrate judge’s recommendation that the case move forward.

The accusations against GEICO are rooted in its practice of auto-populating driver’s license numbers when users enter details such as names, addresses, and birth dates during the process of obtaining insurance quotes online.

According to the lawsuit, criminals exploited this practice and breached the company’s system between November 24, 2020, and March 1, 2021, using the license numbers and other personal details to fraudulently apply for unemployment benefits under victims’ names.

Plaintiffs further argued that GEICO’s failure to secure their data exposed them to increased risks of identity fraud, requiring them to spend time and resources on monitoring their financial accounts and credit profiles.

In her decision, Matsumoto said it would be premature to accept GEICO's contention that it could not be held directly responsible for the plaintiffs’ injuries, noting that the theft had merely been a part of a “concerted campaign by fraudsters” targeting the online quotation systems of insurance companies.

Matsumoto had accepted US Magistrate Judge Sanket Bulsara’s recommendation that the insurer must defend itself against claims that it had been negligent and violated the federal Driver’s Privacy Protection Act.

She also endorsed the recommendation to dismiss claims that GEICO had violated a New York state consumer protection law and committed negligence “per se,” according to Reuters.

Earlier this month, some employees at the Berkshire Hathaway subsidiary said they were worried that their personal information may have been leaked after a third-party vendor was impacted by a data breach involving file transfer software MOVEIt.

What are your thoughts on this story? Feel free to comment below.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!