St. Petersburg, Florida – Every company is in possession of private and sensitive personal information of their employees. Employees expect that sensitive information to remain private. We currently represent a Ocala man who is an employee at Advance Auto Parts, who along with an estimated 75,000 employees, have lost a secure hold of their sensitive private information. Local media has reported that we have sued Advance Auto Parts alleging that his employer failed to protect sensitive information about its employees, placing them at heightened risk for identity theft.
We filed the complaint, or lawsuit, in federal court on behalf of our client and all similarly situated employees on March 29 in the U.S. District Court for the Middle District of Florida, Ocala Division against Advance Stores Co. Inc., doing business as Advance Auto Parts Inc., citing negligence, breach of fiduciary duty and invasion of privacy.
We believe our client has suffered an increased risk of identity theft and tax fraud because of his employer’s actions.
We believe that Advance Auto Parts Inc. is responsible because the company voluntarily disclosed corporate files containing class members’ sensitive information to a third party posing as an employee. The information apparently included IRS Form W-2, Social Security numbers, 2015 gross wages and the states where the class members pay income tax.
It has been reported that employees for the national Advance Auto Parts should have also received a letter making them aware that their risk of identity and tax refund theft has greatly increased.
Whittel & Melton is seeking compensation for all damages, attorneys’ fees and costs, prejudgment and post-judgment interest and any further legal and equitable relief as the law may require on his behalf.
We continue to investigate the facts and circumstances of this case, and would like to speak with anyone who has been affected by this breach, or anyone with information related to this invasion of privacy.
Data breaches like this one seem to be rampant these days. In March, the IRS sent out an alert to HR professionals to be aware of phishing scams like these. This phishing variation is known as “spoofing,” and will come from an outsider posing as what appears to be a legitimate employee requesting company information.
It is imperative that companies protect their employees and sensitive data from outsiders. In order to avoid these phishing scams, HR professionals need to make sure that security protocols are in place so that these email tricks do not lead to leaked data. A review of all data protection policies, procedures and technologies should take place regularly to keep these types of threats under control.