The Breach and Delayed Disclosure
Lead plaintiff Allen Moure filed suit in May 2022, accusing Mahwah, New Jersey-based DialAmerica of waiting months to alert employees after an “unauthorized actor” infiltrated company servers between February and July 2021. The stolen data reportedly included names, Social Security numbers, addresses, and internal IDs.
Although the company investigated from July 2021 to February 2022, it didn’t notify affected employees or authorities until April 2022. Moure’s claims ranged from negligence to unjust enrichment.
Settlement Terms and Cybersecurity Overhaul
Judge Williams approved the settlement in April. The deal provides up to $1.3 million in direct monetary relief, free two-year identity protection for roughly 214,000 affected individuals, and binding commitments by DialAmerica to bolster cybersecurity defenses.
DialAmerica’s early bid to dismiss the case — arguing lack of jurisdiction and absence of a concrete injury — was denied once the parties reported the settlement.
