August 04, 2021

A proposed consumer class has opposed MGM Resorts' bid to dismiss a suit over a data breach that exposed the personal information of 10.6 million guests, telling a Nevada federal court that the company argues wrongly that the consumers fall short in claiming negligence and harm.

The consumers argued that MGM Resorts International failed to keep their personally identifiable information secure from well-known threats by storing their guest information in an "incredibly vulnerable" cloud server in the summer of 2019, when hackers downloaded the data with minimal effort. The breach has allowed criminals to use guests' information to conduct financial crimes and target the proposed class for identity theft and other data misuse, the consumers said Monday.

The hotel and casino giant's motion relies on two misleading arguments to try to persuade the court, according to the consumers. First, it incorrectly claims that the consolidated class action complaint doesn't show how MGM failed to provide reasonable data security "other than the fact of the security incident," and second, it errs in asserting that the guests fail to allege sufficient damages, the consumers said.

. . .

The class plaintiffs are represented by Don Springmeyer of Kemp Jones LLP, Miles N. Clark and Matthew I. Knepper of Knepper & Clark LLC; E. Michelle Drake, Michael Dell'Angelo, Jon Lambiras and Reginald Streater of Berger Montague PC; Douglas J. McNamara, Andrew N. Friedman, Geoffrey A. Graber and Paul Stephan of Cohen Milstein Sellers & Toll PLLC; David M. Berger of Gibbs Law Group LLP; and John A. Yanchunis, Jean S. Martin and Marcio Valladares of Morgan & Morgan Complex Litigation Group.

The complete article can be accessed here.