BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.
To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.
To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.
A federal appeals court has overturned a lower court and reinstated a putative class action lawsuit filed by a former pharmaceutical company employee whose personal information was released on the dark web following a phishing attack.
Jennifer Clemens, a former employee of ExecuPharm Inc., a unit of Parexel International Corp., whose U.S. headquarters is in Newton, Massachusetts, was required as a condition of her employment to provide sensitive personal and financial information, such as her Social Security and bank and financial account numbers, according to Friday’s ruling by the 3rd U.S. Circuit Court of Appeals in Philadelphia in Jennifer Clemens v. ExecuPharm Inc.; Parexel Int’l Corp. The company promised it would take appropriate measures to protect the information.
In March 2020, a hacking group accessed ExecuPharm’s services through a phishing attack and installed malware to encrypt the data stored on its servers, the ruling said. Either because ExecuPharm did not pay ransomware or for other reasons, the company’s data was released on the dark web.
To mitigate potential harm, Ms. Clemens immediately took actions including moving to a new bank and purchasing credit monitoring services.
She filed a putative class-action lawsuit against the companies in U.S. District Court in Philadelphia, on charges including breaches of contract, fiduciary duty and confidence.
The district court dismissed the case, stating Ms. Clemens had not yet experienced actual identity theft or fraud. It was overturned by a unanimous three-judge appeals court panel.
ExecuPharm “expressly contracted” to protect Ms. Clemens’ information in its employment agreement, said the ruling, adding, “As employment agreements have become routine, information security provisions” as in this case “have assumed a new prominence.
“Likewise, the failure to uphold those provisions – particularly in the digital age – can yield uniquely drastic consequences,” the ruling said, in reinstating the case and remanding the ruling for further proceedings.
Plaintiff attorney J. Austin Moore, a partner with Stueve Siegel Hanson LLP in Kansas City, Missouri, said in a statement, “We appreciate the panel’s thorough and well-reasoned analysis and look forward to pursuing the merits of these claims before the district court.”
Parexel’s attorneys did not respond to a request for comment.