Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
Blackbaud Data Breach Class Action Lawsuit Overview:
- Who: A federal judge dismissed a handful of claims in consolidated class action lawsuits filed in the aftermath of the massive 2020 Blackbaud data breach.
- Why: While the judge trimmed some state law claims, Blackbaud Inc still faces allegations it should have done more to prevent a 2020 ransomware attack that exposed millions of users unencrypted personal data.
- Where: The consolidated Blackbaud data breach class actions are pending in South Carolina federal court.
A federal judge in South Carolina struck down some but not all of the dozens of statutory claims filed against Blackbaud Inc contending the computer software company did not do enough to prevent a 2020 ransomware attack and data breach.
Blackbaud data breach class action lawsuit claims were consolidated into multidistrict litigation alleging the company failed to protect user’s unencrypted personal data.
In a recent ruling, U.S. District Judge Julia Childs dismissed seven of the consolidated class action lawsuit claims. A total of 34 plaintiffs from 20 states had alleged that Blackbaud failed to do enough to secure the private information of millions of users.
Blackbaud Data Breach May Have Exposed the Personal and Health Information of Millions
Blackbaud sells cloud software programs to health care, philanthropic and educational organizations and claims on its website to have millions of users in more than 100 countries around the globe.
Users’ information was put at risk last year, however, after a data breach exposed personal information that included names, addresses, birthdays, and social security numbers, among other things. The attack ended after Blackbaud agreed to pay the hackers ransom in bitcoin.
Blackbaud to Face Class Action Claims After Data Breach
Judge Childs ruled that while plaintiffs in the states of New Jersey, Pennsylvania, and South Carolina had failed to adequately show Blackbaud had violated consumer protection laws, she allowed multiple allegations to proceed after determining the company had violated the California Consumer Privacy Act (CCPA).
The CCPA took effect for the first time in January of last year and allows statutory damages to be awarded to consumers for up to $750 for every violation. Companies, like Blackbaud, can be held liable if it is determined they failed to implement security procedures that were reasonable.
Judge Childs turned down Blackbaud’s argument that it did not qualify as a business and so could not be held to the standard set by the CCPA.
“California plaintiffs adequately allege that Blackbaud qualifies as a ‘business’ under the CCPA,” Judge Childs noted in her opinion. “Blackbaud uses consumers’ personal data to provide services at consumers’ requests, as well as to develop, improve, and test Blackbaud’s services.”
Judge Childs also allowed plaintiffs claims that Blackbaud used deceptive acts and practices, violating New York General Business Law Section 349, and issued mixed rulings for plaintiffs claims under Florida’s Deceptive Trade Practices Act and the California Confidentiality of Medical Information Act.
Some plaintiff’s had their claims dismissed by Judge Childs after a motion was filed by Blackbaud under the New Jersey Consumer Fraud Act, South Carolina Data Breach Act, and the Pennsylvania Unfair Trade Practices and Consumer Protection Law.
Do you believe Blackbaud should have done more to prevent the data breach? Let us know in the comments!
The plaintiffs are represented by Motley Rice, LLC, DiCello Levitt Gutzler LLC, Susman Godfrey LLP, Whitfield Bryson LLP, and Keller Rohrback LLP.
The Blackbaud Data Breach Class Action Lawsuit is Blackbaud Inc. Customer Data Security Breach Litigation, Case No. 3:20-mn-02972, in the U.S. District Court for the District of South Carolina.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
- T-Mobile Investigates Data Breach Potentially Affecting 100 Million Customers
- Do You Qualify: Ohio Medicaid Data Breach Class Action Lawsuit Investigation
- Ally Bank Showed Private Customer Info to Third Parties, Class Action Lawsuit Alleges
- MGM Resorts Used ‘Incredibly Vulnerable’ Server Say Guests in 2019 Data Breach Class Action
One thought on Blackbaud Data Breach Class Action Trimmed, Claims Co Misrepresented Scope of Hack Will Proceed
Please include me