A freight brokerage company in Cincinnati faces a $ 5 million lawsuit over a data breach that occurred last month.
Total Quality Logistics (TQL) computer systems were compromised in a cyber attack on February 23. Customer and carrier information was disclosed after threat actors breached the company’s online web portal.
Carrier data at risk in the attack included tax ID numbers, bank account numbers and, in some cases, social security numbers. The breached customer data included email addresses, telephone numbers, first and last names, and TQL customer ID numbers.
Now TQL is being sued by an unnamed freight forwarder owned by Charles Newman of Milwaukee County, Wisconsin. A complaint filed in the US District Court for the Southern District of Ohio alleged that TQL “did not implement and maintain adequate security measures for personal information.”
The plaintiff accuses TQL of negligence and claims that the consequences of the data protection violation were serious and far-reaching.
“If TQL had taken the known risk of intrusion into the Internet seriously and appropriately tested, examined and invested in its IT systems and trained its employees appropriately,” says the lawsuit, “the data breach would never have occurred.”
The complaint alleges that as a result of the breach, hackers have accessed compromised data and “in an increasing number of cases” used compromised data to conduct fraudulent transactions. According to the lawsuit, “the full extent of the damage has yet to be recognized.”
Newman, represented by Kerger law firm in Toledo, Ohio, is seeking certification of the complaint as a class action that would allow other motor companies to join the lawsuit.
TQL is one of the largest private freight brokerage companies in America, moving over 1.8 million cargo loads in the US and Canada each year. The company has 57 sales offices and a large network of over 85,000 freight forwarders.
Four days after the violation, TQL President Kerry Byrne sent an email notifying airlines, including Newman, of violations.
According to Byrne’s email, the attackers may have gained access to TQL data through an “information / data phishing attempt”.
TQL advised shippers to check if their bank accounts were compromised and recommended that each shipper take additional security measures, including setting up a fraud notification on their credit files.