Class Actions

San Francisco Transit Agency Seeks Approval of Class Action Settlement

• Bay Area Rapid Transit (BART) sought preliminary approval of a class action settlement to resolve claims that the transit agency’s mobile app secretly collected various information about its users, including mobile device ID number and location, even when users are not reporting incidents.

• Under the settlement, BART has agreed to certain injunctive relief, including to not collect information about app users, and will not oppose the named plaintiff’s request for an incentive award of up to $2,500. BART also agreed not to oppose class counsel’s request for attorneys’ fees of up to $57,500.

Data Breaches

Cryptocurrency Investment Platform Atlas Quantum Breached

  • Atlas Quantum, an investment platform that allows users to buy and sell bitcoin and other cryptocurrencies, experienced a data breach that exposed the personal information of approximately 261,000 users.
  • According to the company, although no cryptocurrency was stolen, the breach exposed customers’ names, phone numbers, email addresses and account balances.

AirCanada Mobile App Breach Exposes as Many as 20,000 User Profiles

  • AirCanada recently notified users that “unusual login behavior” on its mobile app from August 22 through August 24 may have allowed an unauthorized user to access as many as 20,000 profiles, potentially exposing names, email addresses, telephone numbers, Known Traveler Numbers, gender, birth dates, nationalities and passport information.
  • According to the company’s notice, no credit card information was exposed, and the risk of a third party fraudulently obtaining a passport in someone’s name is low.

T-Mobile Incident Affects as Many as Two Million Customers

  • Telecom company T-Mobile experienced a data security incident that it described as allowing “unauthorized access to certain information” of as many as two million customers.
  • In the company’s online statement, it disclosed that personal information, including name, billing zip code, phone number, email address, account number and account type, may have been exposed. No financial information or Social Security numbers were involved.