In the heart of Indiana, Darin Johnson, along with others who shared his fate, found themselves in a predicament that has become all too common in our digital age. Their employer, Nice Pak Products, Inc., a prominent manufacturer of wet wipes, fell victim to a data breach, leaving their personal information exposed and potentially in the hands of malicious actors.
Between May 28, 2023, and June 15, 2023, an unauthorized intrusion into Nice Pak's systems resulted in the theft of sensitive personal data. The compromised data included names, addresses, dates of birth, Social Security numbers, health plan member numbers, and health savings account numbers. Johnson and his colleagues were left vulnerable, their personal information laid bare.
The breach, however, was only the beginning of the problems for Johnson and his fellow employees. Nice Pak, according to the lawsuit, failed to promptly notify the affected employees of the breach and the specific types of information that were stolen. This delay in communication left the employees in the dark, unaware of the extent of their exposure and unable to take immediate steps to protect themselves.
The lawsuit alleges that Nice Pak's failure to adequately secure and safeguard the personal information of its employees was an act of negligence. The company's lack of prompt communication further compounded the damage, leaving the employees to deal with the fallout of the breach.
The lawsuit also brings up the violation of the Federal Trade Commission Act (FTC Act). Under this act, companies are required to protect their consumer's personal information. The alleged violation of this act by Nice Pak forms the basis of the claim of negligence per se.
In addition to negligence and negligence per se, the lawsuit also alleges a breach of an implied contract. By failing to protect the personal information of its employees, Nice Pak has, according to the lawsuit, breached the implied contract that exists between an employer and its employees.
The fourth claim brought forward in the lawsuit is that of unjust enrichment. The lawsuit alleges that Nice Pak has profited at the expense of its employees, who now face the risk of identity theft and financial loss due to the data breach.
The damages sought by Johnson and the proposed class members include compensation for actual damages, including monetary losses, lost time, anxiety, emotional distress, and the increased risk of identity theft. They also seek restitution and damages to cover costs associated with preventing, detecting, and recovering from identity theft or fraud.
The case of Johnson vs. Nice Pak Products, Inc. is a stark reminder of the risks posed by data breaches and the importance of companies taking appropriate measures to protect the personal information of their employees. It also highlights the need for prompt communication in the event of a breach, allowing those affected to take immediate steps to protect themselves.