Settlement Reached in Consulting Actuarial Firm Data Hack
A class action suit involving a data hack of participant data at a consulting firm has reached a $7.75 million cash settlement. The suit arose from a November 2021 cyber security “incident” involving Horizon Actuarial Services LLC and data on some 100,000 individuals who were signed up for benefit plans through their employers.
The suit was filed in April 2023 in the Northern District of Georgia by plaintiffs Justin Sherwood (the original plaintiff), Lindsey Quan, Tabatha Bedont f/k/a Tabatha Johnson, Greg Torrano, Jennifer Hill, Sia Moody, Anthony Ruiz, Alice Dodd, Frederick Lewis, Douglas Ackman, Ryan Evans, Amber Thomas, and Maria Chavez who alleged that a series of failures put at risk the security of their personally identifiable information (PII).
The Suit
According to the suit, the breach affected 25 multiemployer benefit plans and thousands of plan participants. The suit alleged that the data breach was a direct result of Horizon’s failure to implement adequate security systems and safeguards, despite the fact that data breaches are increasingly common and “wreak havoc” on those affected by them. The suit also criticized the lack of operational safeguard and alleged that Horizon failed to properly train and supervise its employees and vendors, comply with industry-standard data security practices, and comply with state and federal laws and regulations governing data security and practices.
According to the proposed settlement, Horizon waited several months before informing Class Members about the data breach, leaving them unaware that their sensitive personal identifying information had been compromised. The suit claimed that this delay exposed the plaintiffs and class members to the imminent threat of identity theft and various other forms of personal, social, and financial harm.
The Settlement
The settlement negotiated on behalf of the class provides for the creation of a $7,750,000 non-reversionary Settlement Fund. This fund will be used to reimburse Out-of-Pocket Losses, Lost Time, and Cash Compensation, cover Notice and Administrative Expenses, provide Fee Awards and Expenses as awarded by the Court, and make a cy pres payment to the benefit of all class members.
Eligible reimbursable expenses include losses relating to fraud or identity theft, professional fees, costs associated with freezing or unfreezing credit, credit monitoring costs, and miscellaneous expenses. The settlement aims to compensate the plaintiffs for the time and money they will have to spend to re-secure their bank accounts and identities, as well as protect against identity theft in the future.
