TOLEDO, Ohio (Legal Newsline) – An Ohio couple have filed a lawsuit against CenturyLink and MongoDB, its database provider, alleging their negligence and security flaw exposed 2.8 million records of consumers' personally identifiable information.
Christopher and Patricia Masales filed a complaint Nov. 21 in the U.S. District Court for the Northern District of Ohio Western Division at Toledo against CenturyLink Inc. and MongoDB Inc. alleging negligence and violation of the Consumer Fraud and Deceptive Trade Practices Acts of various states and the District of Columbia.
The Masaleses claim that some or all of the personal identifiable information that CenturyLink stored in a database operated by MongoDB as of Nov. 17, 2018, was exposed to the public with no authentication needed to access the information. They allege the data breach was due to the defendants' failure to maintain property data security and that consumers were not made aware of the breach, which took place in September of 2015, until nearly two months after it occurred.
The Masales seek actual and punitive damages, a trial by jury and all other just relief. They are represented by Marc Dann and Brian Flick of DannLaw in Cleveland, Ohio.
U.S. District Court for the Northern District of Ohio Western Division at Toledo case number 3:19-cv-02750-JZ