The state of Rhode Island is asking a federal appellate court to revive claims that Alphabet violated securities laws by waiting too long to disclose a data breach that affected Google+ users.
Rhode Island’s treasurer, who sued on behalf of the state pension system — a company investor — initiated the appeal this week by filing papers with the 9th Circuit Court of Appeals.
original lawsuit, filed against Google’s parent company, stems from software vulnerabilities in Google’s system — including a bug allowed outside developers to access private information about
Google+ users, including their birth dates, photos, occupations, and addresses.
Google allegedly learned of the security glitch in March of 2018, and fixed it by April. But the company did not
publicly disclose it until October of 2018, when The Wall Street Journal reported on the bug.
Rhode Island’s treasurer alleged in an October 2018 complaint that Google violated
securities laws by failing to reveal the data breach in the company’s April or July filings with the Securities and Exchange Commission.
U.S. District Court Judge Jeffrey White in San
Francisco dismissed the lawsuit earlier this year. He ruled that even if the allegations in the complaint were true, they wouldn’t show that Google had made any false or misleading statements in its
regulatory submissions. His decision noted that Google had already remedied the software bug before its April filing.
In addition to the lawsuit by Rhode Island, Google also was hit with a
class-action on behalf of Google+ users.
In January, the company agreed to a $7.5 million settlement of that matter. The deal, which still awaits approval by U.S. District Court Judge Edward
Davila in San Jose, calls for Google+ users affected by the data breaches to receive between $5 and $12.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .