Student loan servicer Heartland ECSI “failed to institute proper security protocols” to protect individuals’ Social Security numbers and other personally identifiable information (PII), alleged a negligence class action Thursday (docket 2:24-cv-00699) in U.S. District Court for Western Pennsylvania.

Healthcare institutions are “particularly vulnerable" to cyberattacks because of the value of the private information they collect and maintain, but defendant DocGo failed to follow cybersecurity best practices, allowing cuber thieves to gain access to current and former patients’ protected health information (PHI) and personally identifiable information (PII), alleged a negligence class action Thursday (docket 1:24-cv-03594) in U.S. District Court for Southern New York.

Guess & Co. CEO Jerry Guess and the corporation he founded falsely represented in a stock offering to investors that the North Carolina company was a diversified energy, healthcare, technology and real estate corporation that had earned millions of dollars in revenue from its business operations in 2019 to 2021, said a securities fraud complaint (docket 8:24-cv-00172) Thursday in U.S. District Court for Nebraska.

Verizon and TracFone Wireless seek the dismissal of Team Marketing Group’s one-count complaint for breach of contract, as the plaintiff fails to state a claim upon which relief can be granted under Federal Rule of Civil Procedure 12(b)(6), said their joint motion Thursday (docket 1:24-cv-20600) in U.S. District Court for Southern Florida in Miami.

The Universal Service Administrative Co. owes Data Research Corp. (DRC) $9.9 million, plus interest, for broadband services it provided more than 20 years ago to the Puerto Rico Department of Education (PRDOE) under the federal E-rate program, DRC's complaint Wednesday alleges (docket 3:24-cv-01211) in U.S. District Court for Puerto Rico in San Juan.

T-Mobile moved Wednesday to compel arbitration in an 18-case multidistrict data breach litigation because all the more than three dozen plaintiffs in those actions agreed “on numerous occasions” to arbitrate any claims they may have against T-Mobile, said its motion (docket 4:23-md-03073) in U.S. District Court for Western Missouri in Kansas City. The plaintiffs can’t avoid “their contractual obligations,” it said.

General Motors' “about-face” decision to stop selling driver data from OnStar-equipped vehicles, shortly after a March New York Times article that “exposed its deficient privacy practices,” supports the assertion that “its customers were not aware of GM’s surreptitious data collection and sharing,” alleged a class action (docket 4:24-cv-11221) Wednesday in U.S. District Court for Eastern Michigan in Flint.

LTD Broadband asked the U.S. Court of Appeals for the D.C. Circuit Wednesday to overturn the FCC's denial of its Rural Digital Opportunity Fund Phase (RDOF) I auction long-form application. It filed a partially redacted petition (docket 24-1017). LTD was the largest RDOF winner, receiving an award of roughly $1.3 billion to deploy broadband to 528,088 locations across more than a dozen states (see 2012070039).

Not-for-profit healthcare organization MedStar Health failed to encrypt or redact current and former patients’ protected health information (PHI) and personally identifiable information (PII) in a 2023 data breach that occurred between Jan. 25 and Oct. 13, alleged two Tuesday class actions (dockets 1:24-cv-01337 and 1:24-cv-01335) in U.S. District Court for Maryland. The virtually identical complaints were filed by Milberg Coleman attorney Thomas Pacheco.

The “hidden spy pixel trackers” that Target embeds in its marketing emails to customers violate Arizona’s Telephone, Utility and Communication Service Records Act, alleged a class action Tuesday (docket 2:24-cv-01048) in U.S. District Court for Arizona.