Plaintiff Stephen Ruffin has filed a class action lawsuit against Truist Bank, alleging that a cyberattack in October 2023 compromised his and other customers’ private information. The lawsuit, lodged in a North Carolina federal court, claims that Truist Bank failed to implement adequate cybersecurity measures, resulting in the exposure of sensitive data such as Social Security numbers, full names, and account details. Ruffin asserts that this breach was preventable and caused significant distress and potential risks for identity theft and fraud.
According to the lawsuit, Ruffin and other class members were not informed promptly or sufficiently about the breach. Ruffin received a notification letter in May 2024, months after the incident, which he argues lacked critical details needed to mitigate the potential damage from the breach. This lack of thorough disclosure has allegedly left affected individuals vulnerable and unable to protect themselves effectively from the consequences.
Ruffin contends that Truist Bank’s negligence is evident given the rising number of high-profile data breaches in the industry. He argues that the bank should have anticipated the risk and reinforced its cybersecurity measures to safeguard customer information. The lawsuit suggests that the bank’s failure to act responsibly has exacerbated the risks for its customers, who now face ongoing scrutiny of their personal and financial records.
The class action seeks damages for negligence, breach of implied contract, and unjust enrichment. Ruffin aims to represent all affected individuals across the U.S., requesting certification of the class action, financial compensation, and an injunction requiring Truist Bank to enhance its cybersecurity practices to prevent future breaches.
Reference:
