Cricket Wireless faces a class action lawsuit filed by Alexis Morgan after a data breach exposed the personal information of approximately 10 million customers. The lawsuit claims the company failed to protect its customers’ sensitive data and did not ensure that third-party vendors, like Snowflake, implemented proper security measures. The breach affected call and text records from May 2022 to January 2023, exposing phone numbers and cell site identification numbers.
According to the lawsuit, Cricket Wireless assured customers that their data was secure through its privacy policies, but cybercriminals exploited vulnerabilities in Snowflake, a third-party cloud platform used by the company. The breach occurred in early 2024, but customers were not notified until three months later, without receiving details about the cause of the breach or the steps taken to prevent future incidents.
Morgan accuses Cricket Wireless of negligence and breach of contract, claiming that the company’s delayed response and lack of transparency have increased the risk of future identity theft and fraud for affected customers. She is seeking class action certification, damages, and stronger security measures to prevent further breaches.
This lawsuit follows a trend of legal actions against companies like Intuit, Ticketmaster, and AT&T for data breaches. Many of these cases argue that companies failed to safeguard customer data properly, resulting in significant harm to consumers.
Reference: