Pawn America Faces Class Action Lawsuit Over a Data Breach Due to Recklessness

According to a new class action lawsuit, American pawnshops and payday lending companies enabled hackers to steal hundreds of thousands of customers’ personal information in a recent data breach.

Pawn America’s Alleged Misdeeds

Customers must provide Pawn America with their PII in order to conduct transactions. Customers have a reasonable expectation that Pawn America will maintain the confidentiality and security of their information, the complaint argues. The defendants promised to provide confidentiality and security for customer data on their websites.

Instead of that, Pawn America is alleged to have handled customers’ PII carelessly, leaving information unencrypted on a vulnerable computer network.

According to the Pawn America Data Breach Class Action Lawsuit, Pawn America’s data security practices violated industry standards, Federal Trade Commission regulations, and US Cybersecurity and Infrastructure Security Agency recommendations. Pawn America could have taken preventive measures such as awareness and training programs, application whitelisting firewalls, and preventative software.

According to the lawsuit, Pawn America notified affected customers following the incident that the cybercriminals threatened to expose the information that could allow access for other cybercriminals.

Following that, Pawn America allegedly advised customers to safeguard their information by placing fraud warnings or security freezes upon their credit files. According to the complaint, Pawn America has not provided affected customers any monitoring services or assistance. Instead, customers have to pay for such services out of pocket.

According to the Pawn America Data Breach Class Action Lawsuit, affected customers face an elevated risk of identity theft and fraud as a result of Pawn America’s insufficient safeguarding of their PII. 

Customers’ personally identifiable information may be used to open up new financial accounts, obtain loans, obtain medical services, conduct further phishing, and prepare fraudulent tax returns.

Megan Murillo v. Pawn America Minnesota, LLC

Megan Murillo, a customer, filed the Pawn America Data Breach Class Action Lawsuit against Pawn America Minnesota together with its affiliates following a data breach that exposed its customers’ private identifying information.

The class action alleges that on or about September 28, 2021, the companies’ networks were attacked by ransomware, which was discovered by Pawn America on October 3, 2021. At least 530,000 customers’ full names, driver’s license numbers, Social Security numbers, passport numbers, birth dates, and financial account information were compromised as a result of the breach.

Murrillo transacted with one or more of the defendants in person, which required the disclosure of PII. Murillo alleges she was not notified promptly that her PII had been accessed and compromised.

Murillo is suing on behalf of a nationwide Class of all individuals residing in the United States whose PII was affected in the data breach.

The class action alleges negligence, implied contract breach, and unjust enrichment.

Murillo claims compensatory damages, reimbursement for out-of-pocket expenses, credit monitoring and identity restoration services covered by Pawn America, and injunctive relief, including upgrades to Pawn America’s data security systems and annual audits.

Editor’s Note on Pawn America Data Breach Class Action Lawsuit:

This article is written to inform you of the data breach lawsuit lodged against Pawn America for allegedly not safeguarding its customers’ personal identifying information. We also suggest you read the Partners Healthcare System Privacy Lawsuit.

Case Name & No.: Megan Murillo v. Pawn America Minnesota, LLC, et al., Case No. 0:21-cv-02574

Jurisdiction: US District Court for the District of Minnesota

Allegations: Pawn America failed to safeguard its customers’ PII, resulting in a data breach

What actions will you take if your PII has been exposed? Click the “Contact Us” button below and share with us your thoughts!

Contact Us

You can also reach out to us on Twitter or Facebook or via email at Outreach@ConsiderTheConsumer.com. Also, directly on our website! We look forward to hearing from you.