Randy Ellis reports:
A class-action lawsuit has been filed against the Oklahoma Department of Securities over a massive December 2018 data breach that allegedly caused the names, Social Security numbers and other personal information of more than 300,000 people to be published to the internet.
The department caused the data breach by negligently misconfiguring a new firewall that it was installing with the aid of a consultant, the lawsuit alleges.
The lawsuit also alleges that the department waited several weeks to notify law enforcement about the data breach, which resulted in valuable evidence being lost.
Read more on Governing.