Allstate’s Data Breach Debacle: New York Sues for Cybersecurity Slip-Up
The New York attorney general is suing Allstate’s National General for allegedly failing to protect consumer data and report breaches impacting thousands. The lawsuit seeks financial penalties and better security measures. National General’s online tools were compromised, exposing over 165,000 New Yorkers’ data. Allstate argues it acted promptly, but the lawsuit claims otherwise.
Hot Take:
Looks like National General took the “General” part a bit too seriously, as in “we’ll generally protect your data… maybe.” It seems their security strategy was as effective as using a colander to hold water. While Allstate might have thought they were acquiring a solid asset, what they got was a cybersecurity sieve. Letitia James is not playing games, and with her legal moves, National General might just have to pay up faster than you can say “data breach.” Who knew that driving without a license would be safer than having your license number in their system?
Key Points:
- New York attorney general Letitia James sues Allstate’s National General for failing to protect driver’s license data.
- The lawsuit requests financial penalties and stronger security measures.
- Breaches in 2020 and 2021 exposed personal data of over 165,000 New Yorkers.
- National General allegedly violated New York’s SHIELD Act by not reporting breaches.
- Previous fines have been imposed on other companies for similar data breaches.