“A Cascade of Failures”
The suit accuses Finastra of “failing to implement adequate and reasonable measures” to protect private information, failing to detect and stop the breach quickly, and failing to warn affected customers in a timely fashion. T.H. also claims Bank of America and Chase should be held responsible for not ensuring that their vendor’s systems met industry security standards.
Company Response: “Limited Impact”
A Finastra spokesperson acknowledged the lawsuit in a statement Wednesday, stressing that a forensic investigation confirmed “only a limited number of customers were affected.” The company said it had already completed all necessary notifications and regulatory filings.
“While there is no indication that any data has been misused,” the spokesperson added, “we proactively offered 24 months of credit monitoring to those potentially impacted individuals and continue to cooperate with law enforcement.”
Representatives for Bank of America and JPMorgan Chase declined to comment. Counsel for T.H. did not immediately respond to requests.
