Deloitte Sued Over Pandemic Unemployment Website Data Breaches

(Bloomberg) -- Deloitte Consulting LLP was hit with two suits by people who claim their personal information was exposed on state websites the firm built to administer supplemental coronavirus unemployment benefits.

A group of Ohio residents sued Deloitte late Thursday in Manhattan federal court, after officials in that state, Illinois and Colorado disclosed that personal information from benefit applicants, including home addresses and social security numbers, was exposed to other users of the system. Another group of Ohioans sued Deloitte in state court in Cleveland. Both suits are proposed class actions.

Deloitte build all three state web portals for laid-off residents to apply for benefits under the Pandemic Unemployment Assistance program passed as part of the $2 trillion federal coronavirus relief bill. The program pays an additional $600 a week to recipients on top of their state unemployment insurance payments.

Deloitte didn’t immediately respond to emails seeking comment on the suits.

The applicants “have been forced to take multiple precautionary steps to protect themselves and their property in an effort to avoid becoming a victim of identity fraud,” the New York complaint said. These include changing account passwords, reviewing bank and credit card statements, filing reports with the Federal Trade Commission and taking extra precaution with emails from unknown senders, according to the suit.

The suits seek unspecified damages and orders requiring Deloitte to take steps to protect the applicants from possible identity theft.

The cases are: Culbertson v. Deloitte Consulting LLP, 20-cv-03962, U.S. District Court, Southern District of New York (Manhattan); Bozin v. Deloitte Consulting LLP, CV 20 932778, Ohio Court of Common Pleas, Cuyahoga County (Cleveland).

©2020 Bloomberg L.P.

BQ Install

Bloomberg Quint

Add BloombergQuint App to Home screen.