We are actively investigating a class action lawsuit against Anthem for Washington State consumers. We have spoken with a few individuals who have already received a notice of the data breach. If you know of someone in Washington who was insured with Anthem and who has received notice of the breach, please contact me at Catherine@stritmatter.com or Counsel@stritmatter.com.
Today’s Seattle Times front page article reports on the case against Nordstrom that I blogged about a couple weeks ago. Big corporations have perpetuated the myth that shareholder lawsuits are simply to line the pockets of attorneys. Let me address that head on: Shareholders like Judith Burbrink (the Nordstrom shareholder-plaintiff in this case) are smart to look out for their own interests rather than cast a blind eye to the company’s financial reports. Because of cases like this, corporations that have a family legacy will hopefully think twice about allowing extravagant travel expenses for executives and their relatives.
There are many individual investors that simply trust that their interests as shareholders are well guarded. After all, only a few like Ms. Burbrink have the patience or time to sift through details about how a company’s fleet of planes is used. Does it make sense to side with the corporations or with the investor? Retail investors should thank her. Aren’t you glad for some checks-and-balances that Washington lawmakers put in place for the rare shareholder who cares enough?
Full disclosure: Consumer protection/class action attorney Brad J. Moore of Stritmatter Kessler Whelan is local counsel on this case.
Washington State Insurance Commissioner Mike Kreidler is not the only one who is wondering why it took Premera so long to act, after realizing that at least 11 million individuals’ information were exposed to a data breach. We are too and want to see the large class of Premera customers find justice.
Hackers had unauthorized access to approximately 6 million in Washington and the other 5 million in Alaska and Oregon whose information. There are possibly other markets associated with this breach that extends beyond Washington, Oregon, and Alaska.
Our firm is pursuing a class action to obtain a meaningful recovery for all of the victims involved as the result of Premera’s lack of vigilance over their customer’s data. Please contact PremeraClass@Stritmatter.com, as our attorneys want to speak with you ASAP. Our own Brad J. Moore, who is at the helm of the country’s largest public interest law firm (Public Justice) has a long track record of success with some of the largest consumer protection class action lawsuits.
According to KUOW, after Premera called Kreidler to inform him about the data breach that had occurred over a month before, he asked his staff to find out why it took the health insurer so long to inform everyone about this significant news.
He’s launched a multistate investigation of Premera, explaining: “We would have been heavily engaged in this activity weeks ago if we’d been afforded the opportunity to know in a more timely basis. It was clear once we were notified. Which is part of the irritation right now. It took six weeks.”
The class action/consumer protection attorneys are all for Kreidler’s idea about establishing rules that would have compelled Premera to reveal the information within hours, not weeks.
Again, if you or someone you know was or is a Premera insured and believe that sensitive information was accessed in an unauthorized manner, contact us at PremeraClass@Stritmatter.com
Many questions ran through my head about Premera’s information security, when news came out earlier this week about its massive data breach involving at least 11 million customers first hit the news. Initially, some praised Premera’s response to the sophisticated cyber attack that reportedly occurred in May 2014. However, it turns out that before the breach ever occurred, a federal watchdog agency (Office of Personnel Management’s Office of Inspector General) notified Premera of at least 10 ways that it should address a range of security weaknesses that the audit of their systems revealed.
Among the weaknesses found by the Office of Personnel Management’s Office of Inspector General’s audit were issues related to patch management, insecure server configurations and weakness related to password history configuration settings
Pop. With the news about the fed audit and findings, the bubble of hope in my mind burst: Looks like Premera had not done everything possible in securing its customers’ data before the May 2014 cyberattack. In fact, Premera had “respectfully disagreed” with some of the recommendations related to patches “as it believe[d] deployment of critical security patches is in compliance with the documented patch management policy provided to the OPM audit staff.”
OIG didn’t agree:
The results of the vulnerability scans performed during the fieldwork phase of this audit indicated that Premera was not in compliance with its policy for deploying patches within a specific timeframe based on criticality. As part of the audit resolution process, we recommend that Premera provide OPM with evidence that it has adequately implemented this recommendation. [emphasis added]
The onsite portion of the audit was conducted during January and February of 2014, with additional offsite audit work performed by OIG before and after the on-site visit. The draft report that OIG issued to Premera on April 18, 2014, was based on Premera’s security controls as of March 2014, according to a final version of the report that OIG issued publicly in November 2014.
In a statement earlier this week, Premera, based in Mountlake Terrace, Wash., said that on Jan. 29, it discovered that cyber-attackers had gained unauthorized access to its systems, exposing information on 11 million individuals. An investigation by forensic experts hired by Premera shows that the initial attack occurred on May 5, 2014, the insurer says. That’s less than a month after OIG issued its draft audit report. What unfortunate timing for Premera and all of its insureds…
Granted, no one is yet saying that had Premera timely compliance with OIG’s recommendations would have thwarted the May 2014 cyberattack. The facts should illuminate all of us at some point down the road*. In the meantime, privacy experts such as Kate Borten point out that “failure to patch and unsecure configurations are vulnerabilities we’ve known about for decades…Regardless of whether they contributed to this latest attack, every organization – large and small – should pay attention to such common issues… Make it a priority to keep up with patches. Run vulnerability scans and respond to them by correcting security problems. Make sure your tech and infosec staff understand these security risks, and train them if not.”
NOTE: Stritmatter Kessler Whelan is researching a potential class action against Premera. If you or someone you know had an individual plan (not on a company sponsored plan), please contact me at Catherine@Stritmatter.com.
A derivative shareholder lawsuit was filed with plaintiff Judith Burbrink, claiming that retailer Nordstrom filed false, misleading proxy statements with the SEC that covers up the substantial costs associated with operating the planes while rubber-stamping related party transactions with the family. Nordstrom has claimed in SEC filings that the company charges the family market prices for services it provides them. Moreover, the company has stated that payments it receives from the family exceed the estimated costs of providing those services.
Interestingly, however, the lawsuit claims that contrary to those filings, Nordstrom’s board “has never conducted any analysis of the costs of providing the services to the Nordstrom family.” [emphasis added]
The complaint goes on to say that Nordstrom’s has been operating a “bloated and costly” flight department to manage company planes, as well as personal aircraft for the
Nordstrom family. Specific figures detailing the approximate costs of the operation are redacted in the complaint, but Burbrink claims the flight department has cost shareholders millions of dollars. “Contrary to their materially false and misleading statements, the Board has, year after year, violated their fiduciary duties by blessing the related party transactions with the Nordstrom family without inquiring what the costs to the Company are, and whether the charges to the Nordstrom family equitably reflect their share of use of the Flight Department’s resources,” the lawsuit said. “The Board has also utterly failed to inquire whether the payments from the Nordstrom family adequately compensate the Company for undertaking an aviation-services enterprise that is far removed from the Company’s core business and that exposes the Company to risk of liability,” it added.
According to the complaint, the amount of services the company provided to the Nordstrom family jumped in 2007 during the financial crisis. Between March 2007 and November 2008, the company’s stock price fell from $55 per share to $6.61 per share, which inflicted “steep losses on the Nordstrom family,” the suit said. “Not coincidentally, it was around this time that the Nordstrom family began to shift the costs of flying and maintaining their vast fleet of personal planes on to the Company,” the lawsuit said.
The complaint was filed after the plaintiffs attorneys from Strimatter Kessler Whelan, Morgan & Morgan PC, Kyros Law Offices and Hung G. Ta Esq. PLLC inspected company documents Nordstrom produced. “The Company believes that all of the information in our publicly-filed proxy statement regarding aircraft matters is consistent with SEC requirements, IRS guidelines and other governing laws and regulations,” Nordstrom said Friday in an email. “We strive to act in strict accordance with our governance rules.”
Burbrink is represented by Brad J. Moore of Stritmatter Kessler Whelan, Hung Ta, Natalia Williams and JooYun Kim of Hung G. Ta Esq. PLLC, Peter Safirstein and Roger Sachar of Morgan & Morgan PC and Konstantine W. Kyros of Kyros Law Offices.
NOTE: The aforementioned is an excerpt of what appears in various news articles that surfaced today.
Yesterday, a court order to unseal the entire court file in the massive whistleblower case against Trinity Guardrails (maker of now infamous ET Plus guardrails) will likely save many lives. This file contains literally hundreds of sealed pleadings and exhibits relating to a dangerous highway guardrail that’s been linked to dozens of deaths and injuries. The court also held that all of the testimony and exhibits from a recent trial of the case must also remain open to the public, effective immediately.
Below is an excerpt from the Public Justice website*:
The [court order to unseal all of the files for public access] is so important in this case. A major highway guardrail manufacturer, Trinity, will not be able to hide the fact that it kept its changed guardrail design from the federal government and that that guardrail design is unsafe. The victory also means that the public has access to facts that will be critical for making the case that the federal government should withdraw its approval of these guardrails. And it’s ammunition for states seeking to phase out and remove these lethal guardrails from our highways.
Trinity was sued for defrauding the federal government by changing the design of its guardrail end terminals, not conducting appropriate crash tests on the new design, and not telling the federal government about the changes—meaning that the guardrails remained on the Federal Highway Administration’s list of approved guardrails. A jury found that Trinity defrauded the government to the tune of $175 million.
Because of the design change, when the terminal is hit by a car, instead of absorbing the energy of the crash and slowing the vehicle, the guardrail jams and turns into a potentially lethal spear. Drivers and their passengers have been decapitated, their limbs have been severed, and they have been stabbed by these guardrails. A study by Public Justice client, The Safety Institute found that the redesigned Trinity guardrail was 2.86 to 3.95 times more likely to be involved in a lethal accident and 1.36 to 1.95 times more likely to be involved in an accident with serious injury than Trinity’s older design.
In the case against Trinity, huge swaths of court records—including crash test documents—were filed under seal. On behalf of The Safety Institute and the Center for Auto Safety, consumer protection attorneys sought to intervene to unseal the records. Although our motion to intervene was denied, our efforts to unseal the records helped to convince the court to do the right thing.
*NOTE: Stritmatter Kessler Whelan partner Brad J. Moore currently serves as President Elect of Public Justice, the country’s largest public interest law firm.
Yesterday, The New York Times reported on the following: Earlier this week, we received a groundbreaking decision in the first of the Yakima Valley, WA dairy cases led by Public Justice*, in which we just won on motion for summary judgment. This is a case brought in the Eastern District of Washington on behalf of Center for Food Safety and a local community group under the Resource Conservation and Recovery Act (RCRA), seeking to find that the dairies were operating as open dumps and endangering the public health by contaminating the local water supply with nitrates. This case is the first of its kind to seek to establish that manure created at an industrial animal operation (in this case, a mega-dairy), when mishandled, is a solid waste under RCRA. This legal approach is particularly meaningful because RCRA offers far-reaching remedies to force the industry to clean up their practices and the contamination they caused.
Building on inspiring work by Charlie Tebbutt to develop the facts of the case, Public Justice took the lead in the motion for summary judgment briefing. In a 111-page precedent-setting opinion, the Court found that Plaintiffs had established their case on all five claims concerning the drinking water supply, and that the only critical issue left for trial on the groundwater contamination is the remedies. The court reserved Plaintiffs’ RCRA claims on environmental contamination of surface waters and whether the cow pens were sources of contamination for trial because Plaintiffs did not move for summary judgment on those issues (they were extremely minor claims and were left out in an effort to pair down the motion). To summarize Plaintiffs’ five claims, the Court ruled:
- Plaintiffs had standing.
- Defendants’ manure was a solid waste under RCRA because it had no beneficial use (they created far more than they could properly use).
- The manure was leaking into groundwater, which is the Valley’s drinking water supply, and endangering public health through nitrate contamination.
- The dairy is operating in violation of RCRA’s open dumping provisions, meaning they must conform to sanitary landfill or other waste treatment standards.
- The corporate entities backing Cow Palace were also liable.
This is an enormous victory for the Yakima Valley community, who have been fighting for clean water for more than two decades, as well as for advocates seeking to reform industrial animal agriculture to a more sustainable place. The Food Project already has several cases either filed or being developed to build off of this groundbreaking precedent, and this will empower countless communities whose drinking water has been poisoned by factory farms. It is also simply an historical moment for environmental law to expand RCRA in this fashion, and will help pressure the industry to operate in a more sanitary fashion, protecting not only the environment and the local community, but the animals, the workers, and consumers.
For Public Justice, this is a model case because it was brought not only by Public Justice, but in partnership with Board members. Brad Moore with Stritmatter Kessler Whelan in Seattle acted as local counsel, attending the site inspection and performed key depositions that gave us the facts we needed to win at summary judgment, and Beth Terrell with Terrell Marshall Daudt & Willie, also of Seattle also played a prominent role in the case, most recently in drafting ALL of the Daubert motions for Defendants’ numerous experts. Both provided critical financing to make these cases possible.
Also significant: Judge Rice ruled on Plaintiffs motions to unseal the documents in the case. The Plaintiffs have vigorously opposed Defendants’ prolific document sealing and it was rewarding to receive a strong opinion in favor of an open court, and against court secrecy. All of the documents supporting our case were unsealed.
On a more personal note, and something that brings home the import of this case, when Ms. Jessica Culpepper was at the hearing on this motion, an 83 year old woman approached her afterward. The woman was an elder in the Yakama Tribe, and had traveled to Spokane to see the hearing and report back to the other elders. The two spoke for some time about the case, her life, and Public Justice. She thanked the legal team for their tenacity to fight this important legal battle. In the Yakama language, the elder spoke about how important the work was to protect their waters. Ms. Culpepper asked her to write down how to say “thank you” in Yakama:
This is a major victory on the side of justice. We will continue to update you as the case progresses.
*Brad J. Moore serves as President Elect of Public Justice, the nation’s largest public interest law firm that advocates consumer rights.
Sprint may have been overcharging its consumers to the tune of millions of dollars by cramming unauthorized charges onto its consumers’ bills. Haven’t we heard this before? Yes, in fact earlier this year, SKW attorney Brad J. Moore, also the President Elect of Public Justice (the country’s largest public interest law firm focused on consumer protection) obtained a $20 million class action settlement against Sprint PCS for illegal taxes.
Most recently, the Federal Communications Commission (FCC) and Consumer Financial Protection Bureau are targeting Sprint in an investigation for practices of illegally billing customers tens of millions of dollars for unauthorized charges related to premium text messages.
Just yesterday, the consumer bureau sued Sprint in Federal District Court in Manhattan. The lawsuit claims that Sprint has been operating a billing system that allows third parties to “cram” unauthorized charges onto consumers’ mobile phone bills.
On a parallel track, the F.C.C. is conducting a similar investigation. Sources reveal that a settlement where Sprint would pay $105 million in refunds/restitution is imminent.
“Consumers ended up paying tens of millions of dollars in unauthorized charges, even though many of them had no idea that third parties could even place charges on their bills,” said Richard Cordray, director of the consumer bureau. “As the use of mobile payments grows, we will continue to hold wireless carriers accountable for illegal third-party billing.”
In the past, the F.C.C., the Federal Trade Commission and state attorneys general have participated in lawsuits or settlements with AT&T and T-Mobile for similar alleged cramming charges. The practices under scrutiny typically focused on charges on customers’ bills for premium text messages, that came via horoscopes or other digital content.
The three major mobile companies have gotten hit with accusations of ignoring warning signs that many of the charges were unauthorized. Ignoring thousands of consumer complaints, these carriers blithely allowed third-party companies to assess the charges.
The action by the consumer bureau is a clear signal (again, no pun intended!) of its ongoing plans to police mobile payment systems (e.g., Apple Pay, Google Wallet, and others). Thank goodness for consumer protection groups and watchful agencies who are not entirely in the pockets of these mobile companies.
SKW Brad Moore is waging a battle against another Goliath. This one is against Dun & Bradstreet in a class action lawsuit. One of the many Davids is small business owner O & R Construction from Oak Harbor, a general contractor construction business.
Getting a D&B rating is necessary to do business in this country. But is it right to wreak havoc on your customers’ credit ratings to upsell them a “tool” that will clear any “errors” on small businesses’ credit reports? Watch the KIRO 7 video and decide for yourself.
Earlier this year, Judge Thomas S. Zilly in Seattle denied a motion by the Short Hills, N.J., credit-report giant Dun & Bradstreet to dismiss O & R’s lawsuit.
If you are interested in joining the class because you are a business owner who has suffered from similar tactics with Dun & Bradstreet, contact us at Brad@stritmatter.com.