-

Words with Friends Developer, Zynga, Sued Over User Data Breach, Law Firm FeganScott Announces

Suit alleges app developer’s lax security encryption led to massive data breach

SAN FRANCISCO--(BUSINESS WIRE)--Zynga, developer of popular mobile games Words with Friends and Draw Something, is the target of a proposed class-action lawsuit filed by FeganScott on behalf of players affected by a data breach.

The suit claims the Zynga failed to alert users of a data breach, allowing personal data, including name, email address, Zynga ID and password, Facebook ID and password and, in some instances, financial information, to be used in fraudulent activity.

According to Elizabeth Fegan, managing member and founding partner of FeganScott, Zynga’s customer database was breached in September 2019 by a serial hacker who accessed more than 170 million customer accounts. After being alerted about the breach, Zynga never directly notified customers that their accounts were compromised.

“Zynga promised to protect its customers’ data with ‘reasonable security measures,’” Fegan said. “However, when users’ personal data was compromised, Zynga did nothing to contact those who were affected by the breach. Now millions of customers are facing the very real threat of identity theft and fraud for years to come—simply because they trusted Zynga would sufficiently protect their information.”

Significantly, a substantial portion of Zynga’s user base is made up of minors. Fegan noted that children’s personal information is particularly attractive to identity thieves, because minors do not check their credit reports, meaning thieves may not get caught for years or even decades.

The lawsuit claims Zynga used SHA-1, or Secure Hash Algorithm 1 encryption, which was banned by the federal government as early as 2010. The 41-page complaint notes that Zynga knew about its vulnerabilities as early as 2012, and still failed to implement adequate security measures. The stolen personal information includes names, email addresses, login IDs, passwords, password reset tokens, phone numbers, Facebook IDs and Zynga account IDs, collectively making up the tenth largest breach of all time.

Filed in U.S. District Court for the Northern District of California, San Francisco Division, the suit seeks to represent all Zynga customers who were affected by the September 2019 data breach. Plaintiffs Joseph Martinez and Daniel Pietro lead the suit, and if approved, the complaint will cover all users defined by the class.

“Technology companies have a duty to protect their users’ personal information, and in its failure to do so, Zynga left consumers vulnerable to a staggering number of fraud attempts and phishing scams,” Fegan said. “For customers, this breach isn’t just about the threat of monetary losses—identity theft can take an emotional toll, and we want to make sure that companies are held responsible for their laissez-faire attitudes when it comes to protecting consumer data.”

Consumers who are interested in learning more about this class action suit are urged to send their contact information to zynga@feganscott.com.

About FeganScott

FeganScott is a national class-action law firm dedicated to helping victims of consumer fraud, sexual abuse, and discrimination. The firm is championed by acclaimed veteran, class-action attorneys who have successfully recovered $1 billion for victims nationwide. FeganScott is committed to pursuing successful outcomes with integrity and excellence while holding the responsible parties accountable. To sign up for case updates, email zynga@feganscott.com.

Case: Case 3:20-cv-02612

Contacts

Mark Firmani
feganpr@firmani.com
206.466.2700

FeganScott


Release Versions

Contacts

Mark Firmani
feganpr@firmani.com
206.466.2700

More News From FeganScott

FeganScott Announces Investigation into MoneyGram Data Breach That Compromised Customers’ Personal and Financial Information

DALLAS--(BUSINESS WIRE)--FeganScott, a national law firm dedicated to protecting consumer rights, announced that it has launched an investigation into MoneyGram following confirmation from the financial services provider that an unauthorized third party illegally obtained customers’ personal and financial information during a September cyberattack. In a recent statement, MoneyGram reported that the stolen customer information includes Social Security numbers, government identification documents...

Family of Deceased Inmate Files Civil Rights Lawsuit Against Missouri Department of Corrections, According to FeganScott

JEFFERSON CITY, Mo.--(BUSINESS WIRE)--Today, the family of a 37-year-old man who died while in custody at Tipton Correctional Center after being restrained, forcefully sprayed with a chemical agent, and ignored for hours while he cried out that he could not breathe and needed help, filed a lawsuit against the Missouri Department of Corrections. The lawsuit claims that his death was caused by the corrections officers’ brutal actions and their callous indifference to his pleas for help. Also name...

FeganScott Files Lawsuit Against AT&T After April Data Breach Impacts Customers of More Than 16 Other Cell Phone Providers

DALLAS--(BUSINESS WIRE)--Cellular phone customers have filed a class action lawsuit against AT&T, claiming the telecommunications giant dramatically under-reported the severity of a data breach announced last month, notifying only a subset of those impacted by the breach. According to the complaint, filed in the U.S. District Court for the Northern District of Texas, AT&T limited its notification of the breach to AT&T customers, ignoring those whose data was in AT&T’s possession...
Back to Newsroom