Second lawsuit filed naming mega-brokerage in Feb. carrier data breach
Just weeks after the a one truck operator from Wisconsin filed a federal lawsuit against mega-broker Total Quality Logistics seeking damages after being subject to a massive data breach, a separate class-action lawsuit has been filed naming the brokerage.
Two motor carriers have filed a class-action complaint naming TQL. According to the new complaint “This class action seeks to redress TQL’s many failures that caused cyber criminals and identity thieves to access Plaintiffs’ and the Class’s Confidential Information. The complaint says that both Plaintiffs have suffered damages and all members of the Class are at imminent risk of serious and crippling identity theft.”
The Breach
Computer systems at Total Quality Logistics (TQL) were compromised data-breach that was first discovered on the morning of February 23, 2020 when TQL’s accounting department called a carrier to verify changes to their banking information within their system. The carrier reportedly denied knowledge of the change prompting the accounting department to send the issue to the IT department within TQL.
An internal memo sent to company employees that morning and obtained by Freight Broker Live addressed the scope of the data breach. “The information compromised from some carrier accounts included tax ID numbers, bank account numbers, and in some cases social security numbers,” TQL’s CEO Ken Oaks says in the letter. It also says that customer information was also breached including “email addresses, phone numbers, first and last names and TQL customer ID numbers”
Sources say there is evidence the breach occurred quite a while before being discovered, although it is unclear of just how long the hackers were dormant in the system. It appears several carrier’s banking information was changed and that payments were sent out to these altered bank accounts. Internal sources say the total amount stolen was less than $100,000. TQL says they have identified less than 20 carriers where ACH payment theft may have occurred.
Class Action Complaint
In a new class action lawsuit filed March 23rd, 2020 two carriers allege the that increased risk of fraud and identity theft as a result of this data breach, is alone a significant injury to the carriers, “as it places each of these small businesses and sole proprietors in the position of having to divert company resources away from transporting freight during a urgent time of nationwide supply-chain crisis,” the compliant states,
The first of the two plaintiffs, Finesse Express, LLC, is a Lawrenceville, Georgia based trucking company with one truck according to the FMCSA. The company looks to have started operations in 2019. According to the complaint “in the weeks following the February 27 email from TQL, Finesse has spent approximately 15 hours responding to the Data Breach, including reviewing every transaction that comes through its company bank accounts.”
The complaint alleges Finesse has identified three fraudulent transactions occurring since late February and had to spend time away from driving and “acquiring loads” contesting these fraudulent charges with his bank.
The complaint alleges Finesse has also missed out on business opportunities, including an 890 mile load worth around $2,500 that Finesse would have been able to acquire but for the time it had to spend responding to the Data Breach
The second trucking company, Wider Group, Inc. is a larger trucking company based in Indianapolis, Indiana. According to the complaint, Wider has 150 trucks. According to the complaint “Plaintiff Wider has spent time responding to the Data Breach including time on
the phone with its financial institution and time monitoring company bank accounts.”
The complaint alleges TQL should be held responsible for the damages it has caused Plaintiffs and other carriers through the Data Breach as the TQL should have taken additional measures to keep the carrier’s business and financial information confidential, and now because TQL has failed to do so, “Plaintiffs are left holding the bag.”
The plaintiffs are asserting all claims of behalf of a nationwide Class defined as follows “All persons whose sensitive personal and business information, including Social Security numbers or Tax ID numbers, bank account numbers, and was compromised as a result of the Data Breach at Total Quality Logistics, LLC announced in February 2020.
While it is early, we will be closely following this case and will update as new information becomes available.
