SoFi data breach class action overview:
- Who: Plaintiff Joshua Cook filed a class action lawsuit against SoFi Technologies Inc.
- Why: Cook claims SoFi failed to protect consumers’ personal information from a data breach.
- Where: The SoFi data breach class action lawsuit was filed in California federal court.
A new class action lawsuit alleges SoFi Technologies, a fintech company operating as a one-stop digital bank and lending platform, failed to properly secure and safeguard customers’ personal information during a data breach in late 2025.
Plaintiff Joshua Cook claims the data breach compromised the names, dates of birth, addresses, email addresses, phone numbers, employment information and education information of at least 38,049 individuals.
Cook wants to represent a nationwide class and an Illinois subclass of individuals who had their personal information compromised in the SoFi data breach.
According to the SoFi class action lawsuit, the company failed to timely notify affected consumers about the data breach or offer adequate assurances that their personal information has been recovered or destroyed.
Cook claims SoFi failed to properly monitor or implement reasonable data security measures to protect consumers’ personal information.
Cook accuses SoFi of negligence, negligence per se, breach of contract, breach of implied contract and unjust enrichment. He also asserts claims for declaratory judgment and violations of the Illinois Consumer Fraud and Deceptive Business Practices Act.
SoFi data breach lawsuit claims company failed to comply with industry standards
Cook argues that SoFi had obligations created by contract, industry standards, common law and representations made to consumers to keep their personal information confidential and to protect it from unauthorized access and disclosure.
The SoFi class action lawsuit points to the substantial increase in cyberattacks in recent years and argues SoFi knew or should have known that its electronic records would be targeted by cybercriminals.
Cook says SoFi failed to comply with Federal Trade Commission guidelines and industry standards to protect consumers’ personal information.
The plaintiff demands a jury trial and requests an order certifying the class action lawsuit. Cook also requests injunctive and other equitable relief, including an order requiring SoFi to implement improved data security measures and purchase or provide funds for lifetime credit monitoring and identity theft insurance for the class members.
If your personal information was compromised in a data breach involving a healthcare provider or financial organization, you may have legal options.
What do you think about the allegations made in this SoFi data breach class action lawsuit? Tell us your thoughts in the comments.
The plaintiff is represented by M. Anderson Berry, Gregory Haroutunian and Brandon P. Jack of Emery Reddy P.C. and Neil P. Williams of Siri & Glimstad LLP.
The SoFi data breach class action lawsuit is Cook v. SoFi Technologies Inc., Case No. 3:26-cv-01722, in the U.S. District Court for the Northern District of California, San Francisco Division.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
- Amazon class action dismissed after judge finds plaintiffs failed to state valid CPA claim
- Boston Red Sox class action alleges team used ‘drip pricing’ for tickets
- Ford recalls 48,000 vehicles due to valve failure concerns
- Dollar Tree class action claims retailer printed too many credit card digits on receipts
62 thoughts onSoFi class action alleges data breach exposed sensitive customer information
I have SoFi and I asked them about this and the person I spoke to said they were sure my information had not been affected, but how is it possible for someone to say that without getting my information?
I think SoFi and other electronic banks (or any bank) should be held responsible for NOT PROTECTING consumers hard earned money. My daughter was coherced, scammed out of $5000 by someone pretending to be a customer service representative with Zelle. Under distress and coercion before she knew it all her money was gone even though they promised her funds were safe and secure, FDIC protected. She reported immediately once she realized what had just happened. SoFi notified her 6 days later there looked to be fraudulent activities on her account then proceeded to tell her it was not fraud and denied return of her money.
Why are these electronic banks NOT held to higher standards? Why are scammers allowed to walk away with trusting hard working people’s money?
Regular brick and mortar banks are held to higher standards and return consumers money due to fraud, period.
I had Sofi and had PL’s and credit cards opened with my info. I’m still fighting to get these closed and removed from my NOW 400 credit score. This time last year, after buying our home my score was almost on the 700s again.. Yes I’d very much like to be contacted for this lawsuit.
Thank you
I have been scammed, bank account wiped by someone posing as a SoFi manager. I wasn’t notified of the breach, the information they have and the alerts used someone has my info add me to the class action suit
I have sofi please add me to this lawsuit
I am a customer of SoFi Bank for over a year now, please add me, I have personal information in the dark web
I use SoFi so please add me to lawsuit. They have all my info