Anyone else know about this before today?
https://topclassactions.com/lawsuit-settlements/privacy/data-breach/usaa-class-action-claims-thousands-affected-by-data-breach/
5 replies (most recent on top)
@1pnr+1oIAnZFm
You misread, the post before yours didn’t say USAA wasn’t to blame because it was a third party, they were clarifying the difference between a hack vs a breach and the amount and sensitivity of data accessed. Work on your comprehension skills.
It comes across as condescending because you’re response was to… a different conversation than we’re having lol
It was reported back in June by Texas AG https://www.mysanantonio.com/news/local/article/usaa-data-breach-18175212.php
@ @1pmo+1oIAnZFm, condescending much? A breach is a breach….data accessed without the company’s knowledge or permission.
@1pmo+1oIAnZFm
Not to be an a-hole, but the regulators will not and have seen it that way for a looonngg time. Large banks are responsible for managing the risks presented by 3Ps, and many leaders in banks sign contracts thinking they can escape from the risk management aspect, farm the work out to vendor, and get credit for running a lean department and basically doing no work and saving on the costs of FTEs.
Some of those flawed assumption got blown out of the water by regulators, so unless USAA can demonstrate it took reasonable steps to manage the risk, we could easily be fined and/or held legally responsible, even though we hopefully can recoup some damages from those 3Ps that mess up.
Not an attack on you, but just think you should realize that the finger pointing at 3Ps rarely absolves banks of culpability.
The full USAA database was accessed between Dec. 20, 2022, and May 18, 2023, but clients did not receive notification that their data was compromised until June 26. The breach affected several thousand customers.
This is patently false. USAA was not hacked. A third party contractor decided it was a smart idea to send their company-issued laptop and login credentials to another third-party contractor for them to do their job for them.
The data that was “breached” was what one would expect an MSR to have access to: names, addresses, account info, etc.
This isn’t a non-issue, to be clear, but USAA was not “hacked.” And “the full USAA database” literally doesn’t mean anything. There is no such thing as “the full USAA database.” This was written by someone who has absolutely no idea what they’re talking about.
This is so sad for the people impacted. I have been in mortgage/banking for a long time, and this has become all too common. USAA will see negative results from this. I hope they catch and prosecute the hackers.