Facts

Citrix Systems, Inc. is a global technology company that provides cloud computing software and remote access products. Citrix's network was hacked and the hackers were able to access Citrix's internal network and exfiltrated information pertaining to 24,316 current and former employees, their dependents or beneficiaries, or other third parties. Citrix informed its consumers, who then initiated three class action complaints against Citrix that were eventually consolidated.

PLAINTIFFS' CONTENTIONS: Plaintiffs contended that defendant was liable for breach of contract. Defendant collected plaintiffs' identifying information, including social security numbers, names, and birthdays, as a condition of employment and patronage. As a condition of collecting that data, defendants were obligated to implement safeguards that were appropriate under applicable industry standards to protect plaintiffs' information. As a result of Citrix's failure to protect the information with which it was entrusted to safeguard, Plaintiffs suffered harm and were exposed to a significant risk of identity theft, financial fraud, and other identity-related fraud for years to come.

DEFENDANT'S CONTENTIONS: Defendants denied the contentions and contended that they implemented appropriate safeguards.

Result

The parties entered a $2,275,000 settlement agreement.

Other Information

JUDGE: Hon. Roy K. Altman.