Following the aftermath of Capital One breach happened earlier this week, the firms involved in the incident, in one or the other way, are in trouble. Reportedly, a private law firm TYCKO & ZAVAREEI LLP has filed a class-action lawsuit against the firms on behalf of the 100 million individuals affected in the breach.
The plaintiffs have not accused Capital One only. Rather GitHub also faces class-action lawsuit together with Capital One for aiding in the attack. This is due to the action of the suspect, Paige Thompson, who posted part of breached data on GitHub.
At first, the complainants accuse GitHub of not alerting the victims. Nor did they remove the stolen data from their site. As stated in the lawsuit complaint:
GitHub, meanwhile, never alerted any victims that their highly sensitive Personal Information—including Social Security numbers—was displayed on its site, GitHub.com. Nor did GitHub timely remove the obviously hacked data. Instead, the hacked data was available on GitHub.com for three months.
Moreover, they also accuse GitHub Inc. of not detecting the posting of hacked data, and not suspending the attacker’s account.
GitHub apparently did not even suspend the hacker’s GitHub account or access to the site, even though it knew or should have known that the hacker had breached GitHub’s own Terms of Service.
Amazon Also Comes Into Limelight
GitHub isn’t the only company backlashed because of Capital One breach. Recently, Republicans have launched an inquiry regarding the matter, where they also involve Amazon.
It is important to note that the suspect of this breach, Paige Thompson, is an ex-employee of Amazon.
Let me know your thoughts in the comments.