Aug 7, 2019 | Consumer Protection, Employment & Technology Archive
On August 7, 2019, latesthackingnews.com reported that “CafePress.com, an American e-commerce platform, turns out to be another victim of a cyber attack. Although the store hasn’t revealed anything officially. The news surfaced online suggesting a hacking attack happened earlier this year. It turns out that the site CafePress.com suffered a data breach impacting 23 million accounts.”
Latesthackingnews.com also reported that the hack of CafePress.com occurred in February 2019 and impacted 23,205,290 accounts, “exposing the personal details of users,” such as “names, email addresses, SHA-1 hashed passwords, physical addresses, and phone numbers of the users.”
On August 5, 2019, engadget.com reported that “T-shirt seller CafePress has been asking customers to choose new passwords as part of an updated ‘password policy,’ but the news came soon after reports that the site had been the victim of a data breach in February. Have I Been Pwned claimed that over 23.2 million accounts had been exposed, including email addresses, names, physical addresses and phone numbers.
According to engadget.com, “[p]rovided the reports of a breach are accurate, they raise a number of questions. How recently did CafePress learn of the breach? Has it done anything else to improve security? And why would it only acknowledge a breach through a password reset that doesn’t even mention the security incident? There has been pressure for clearer data breach disclosures, and this could be a textbook example of why. Many users might not even know that there was a breach, let alone how it affects their personal info.”
Have You Been Impacted by A Data Breach?
If so, please either contact Kehoe Law Firm, P.C. Partner Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], complete the form on the right or send an e-mail to [email protected] for a free, no-obligation case evaluation of your facts to determine whether your privacy rights have been violated and whether there is a basis for a data privacy class action.
Examples of the type of relief sought by data privacy class actions, include, but are not limited to, reimbursement of identity theft losses and of out-of-pocket costs paid by data breach victims for protective measures such as credit monitoring services, credit reports, and credit freezes; compensation for time spent responding to the breach; imposition of credit monitoring services and identity theft insurance, paid for by the defendant company; and improvements to the defendant company’s data security systems.
Data privacy class actions are brought on a contingent-fee basis; thus, plaintiffs and the class members do not pay out-of-pocket attorney’s fees or litigation costs. Subject to court approval, attorney’s fees and litigation costs are derived from the recovery obtained for the class.
Aug 7, 2019 | Securities Class Action Archive
Broker-Dealers and Broker-Dealer Representatives Paid “Steep Commissions to Sell Troubled Private Placements”
Kehoe Law Firm, P.C. is investigating alleged wrongdoing and potential fraud at GPB Capital Holdings, LLC (“GPB Capital”) and its limited partnership funds, as well as David Gentile, GPB Capital’s founder and Chief Executive Officer; William Jacoby, its Chief Financial Officer; Roger Anscher, its Chief Operating Officer and General Counsel; and Michael Cohn, GPB Capital’s Chief Compliance Officer.
On June 24, 2019, InvestmentNews.com reported that “[b]roker-dealers and their reps who sold private placements for GPB Capital were paid tens of millions of dollars in commissions, but now must face clients whose investments have dropped in value dramatically.” InvestmentNews.com also reported that
[a]ccording to a GPB document sent to broker-dealers . . ., GPB raised $1.8 billion from wealthy investors who bought the high-risk private placements from registered reps and their broker-dealers. Collectively, they were paid $167 million in fees and commissions for the transactions. That means brokers and their firms collected 9.3% of the money clients invested into GPB private placements. [Emphasis added.]
An unidentified broker-dealer, according to InvestmentNews.com, “. . . was dismayed by the latest valuations of the private placements by GPB, which acknowledged in March that it was being investigated by the FBI.”
GPB Capital describes itself as a “New York-based alternative asset management firm that seeks to acquire income-producing private companies.” GPB Capital raised more than $1.5 billion in capital held in private limited partnerships that invest primarily in auto dealerships and waste management businesses. Interests in GPB funds were sold through independent broker-dealers, including Arkadios Capital; FSC Securities Corp; Royal Alliance Associates, Inc.; Sagepoint Financial Inc.; and Woodbury Financial Services, Inc.
GPB Capital Accused of “Massive Securities Fraud” in Lawsuit Filed by an Auto Dealer
On July 30, 2019, InvestmentNews.com reported that
[t]he silence emanating from GPB Capital is both maddening and infuriating to the broker-dealers and advisers that sold $1.8 billion in high-risk private placements created by GPB.
The red alert is flashing; GPB recently reported the value of those funds have been decimated, and currently are being valued at $1.1 billion, a decline of almost 40%.
Brokers want answers now, and, according to one executive at a broker-dealer that sold the alternative investment funds, GPB management is not giving any. Instead, GPB is telling the 60 or so firms that sold the private placement and the clients who bought them to wait until September when an audit will be completed for more information about the pricing of their funds.
Until then, brokers and clients can mull over allegations made in a lawsuit this month by a business partner of GPB Capital who claimed that GPB engaged in “serious financial misconduct” and tried to push him out after he complained to the Securities and Exchange Commission, according to a published report. [Emphasis added.]
On July 19, 2019, according to InvestmentNews.com, “. . . a complaint [was] filed in Norfolk Superior Court in Massachusetts . . . by David Rosenberg, chief executive of Prime Automotive Group. He accused GPB of engaging in ‘a massive securities fraud,’ in which it used money from investors to prop up the performance of auto dealerships it owns, as well as to finance payments to other investors.”
Have You Invested in GPB Capital Funds?
If you have invested in either GPB Automotive Portfolio, LP; GPB Cold Storage LP; GPB Eurobond Finance PLC; GPB Holdings II, LP; GPB Holdings III, LP; GPB Holdings Qualified, LP; GPB Holdings, LP; GPB NYC Development, LP; GPB Scientific, LLC; GPB Waste Management, LP (formerly known as GPB Waste Management Fund, LP) and have questions or concerns, please contact either John Kehoe, Esq., (215) 792-6676, Ext. 801, [email protected], or Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], [email protected].
Kehoe Law Firm, P.C.
Aug 2, 2019 | Securities Class Action Archive
A class action lawsuit has been filed in United States District Court on behalf of purchasers of the common stock of Carbonite, Inc. (“Carbonite” or the “Company”) (NASDAQ:CARB) during the period between February 7, 2019 and July 25, 2019 (the “Class Period”). The class action complaint charges Carbonite and certain of its officers with violations of the Securities Exchange Act of 1934.
If you purchased the securities of Carbonite during the Class Period February 7, 2019-July 25, 2019 and suffered financial losses, please click Join a Securities Class Action to participate in the lawsuit or contact either Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], [email protected], Esq., (215) 792-6676, Ext. 801, [email protected], or , to learn more about the lawsuit or the securities investigation.
Carbonite investors and shareholders have until September 30, 2019 to move the Court to serve as lead plaintiff.
The complaint alleges that during the Class Period, defendants issued materially false and misleading statements and/or failed to disclose adverse information regarding the technological quality of the Server Backup VM Edition and its potential to add “meaningfully” to Carbonite’s financial performance for fiscal 2019. Specifically, defendants allegedly failed to disclose that: (i) Carbonite’s Server Backup VM Edition was of poor quality and technologically flawed; (ii) Carbonite was receiving poor reviews and complaints from customers about the Server Backup VM Edition; and (iii) the poor quality and technological flaws of the Server Backup VM Edition were acting as a “disruptive” factor throughout the Carbonite salesforce and keeping that sales organization from closing opportunistically on several larger deals during fiscal 2019; and (iv) as a result of the foregoing, Carbonite lacked any reasonable for issuing its positive projections and financial forecasts.
Subsequently, on July 25, 2019, Carbonite, according to the complaint, announced that it was withdrawing the Server Backup VM Edition from the marketplace and consequently dramatically lowered its financial projections for fiscal 2019 and 2020. On the same day, Carbonite’s Chief Executive Officer announced he was leaving the Company.
On this news, the price of Carbonite stock, according to the complaint, dropped more than 24%, from a close of $23.90 per share on July 25, 2019 to a close of $18.01 per share on July 26, 2019.
The complaint alleges that the Carbonite Defendants are liable for: (i) making false statements; or (ii) failing to disclose adverse facts known to them about Carbonite. Defendants’ fraudulent scheme and course of business that operated as a fraud or deceit on purchasers of Carbonite stock was a success, as it: (i) deceived the investing public regarding Carbonite’s prospects and business; (ii) artificially inflated the price of Carbonite common stock; (iii) enabled Defendants Mohamad S. Ali and Anthony Folger, as well as other Carbonite insiders, to collectively sell close to $3 million of their personally-held Carbonite stock to the unsuspecting public; and (iv) caused Plaintiff and other members of the Class to purchase Carbonite common stock at artificially inflated prices.
Jul 30, 2019 | Securities Class Action Archive
A class action lawsuit has been filed in the United States District Court for the Eastern District of New York on behalf of all investors that purchased Oasmia Pharmaceutical AB (“Oasmia” or the “Company”) (NasdaqCM: OASM) securities between October 23, 2015 and July 9, 2019 (the “Class Period”).
Investors of the securities of Oasmia Pharmaceutical AB are encouraged to click Join a Securities Class Action to participate in the lawsuit or contact either John Kehoe, Esq., (215) 792-6676, Ext. 801, [email protected], or Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], [email protected], to learn more about the class action lawsuit or potential legal claims.
Investors have until September 27, 2019 to move the Court to be appointed lead plaintiff in the class action lawsuit.
According to the class action complaint, throughout the Class Period, defendants made false and/or misleading statements and/or failed to disclose that: (1) Oasmia engaged in improper related-party transactions with Alceco International S.A. and Ardenia Investment LTD, which were controlled by Defendant Aleksov and his former father-in-law; (2) due to those transactions, millions of Swedish kronor were not accounted for in Oasmia’s books; (3) transactions concerning Oasmia’s patents were also “carried out in a doubtful way;” and (4) as a result of the aforementioned misconduct, defendants’ statements about Oasmia’s business, operations, and prospects were materially false and/or misleading and/or lacked a reasonable basis at all relevant times.
According to the complaint, on June 28, 2019, Oasmia issued a press release that stated it was reporting suspicious transactions made between Oasmia and related partners Alceco and Ardenia to the Swedish Economic Crime Authority and appointing a special examiner to review them.
On this news, shares of Oasmia fell $0.319 per share, or approximately 24%, to close at $1.021 per share on June 28, 2019, damaging investors.
On July 9, 2019, after the close of the market, Oasmia issued another press release that stated it had ended its relationship with former executive chairmen Julian Aleksov because of the transactions mentioned in Oasmia’s June 28, 2019 press release.
On this news, shares of Oasmia fell $0.34, or more than 13%, to close at $2.26 per share on July 10, 2019, further damaging investors.
Jul 30, 2019 | Consumer Protection, Employment & Technology Archive
Former Seattle Technology Company Software Engineer Arrested For Theft of Capital One Financial Corporation Data
On July 29, 2019, USA TODAY reported the following:
Capital One said . . . that personal information, including the Social Security and bank account numbers of more than 100 million individuals, were compromised in a massive data theft that led to the arrest of a Seattle woman.
Paige A. Thompson, 33, a former software engineer, is accused of stealing data from Capital One credit card applications in what is one of the top 10 largest data breaches ever, according to USA TODAY research.
The FBI arrested Thompson on Monday for the theft, which occurred between March 12 and July 17, court records show. Among the data allegedly collected from a company cloud-based server were Social Security and bank account numbers. [Emphasis added.]
According to Capital One:
Based on [Capital One’s] analysis to date, this event affected approximately 100 million individuals in the United States and approximately 6 million in Canada.
Importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised.
The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income. Beyond the credit card application data, the individual also obtained portions of credit card customer data, including:
Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information[;]
Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018[.]
No bank account numbers or Social Security numbers were compromised, other than:
About 140,000 Social Security numbers of our credit card customers[;]
About 80,000 linked bank account numbers of our secured credit card customers[.]
For [Capital One’s] Canadian credit card customers, approximately 1 million Social Insurance Numbers were compromised in this incident. [Emphasis added.]
The U.S. Department of Justice press release regarding Thompson’s arrest stated:
A former Seattle technology company software engineer was arrested today on a criminal complaint charging computer fraud and abuse for an intrusion on the stored data of Capital One Financial Corporation, announced U.S. Attorney Brian T. Moran. PAIGE A. THOMPSON a/k/a erratic, 33, made her initial appearance in U.S. District Court in Seattle today and was ordered detained pending a hearing on August 1, 2019.
According to the criminal complaint, THOMPSON posted on the information sharing site GitHub about her theft of information from the servers storing Capital One data. The intrusion occurred through a misconfigured web application firewall that enabled access to the data. On July 17, 2019, a GitHub user who saw the post alerted Capital One to the possibility it had suffered a data theft. After determining on July 19, 2019, that there had been an intrusion into its data, Capital One contacted the FBI. Cyber investigators were able to identify THOMPSON as the person who was posting about the data theft. This morning agents executed a search warrant at THOMPSON’s residence and seized electronic storage devices containing a copy of the data. [Emphasis added.]
