A federal district court has dismissed a cyber security lawsuit from a pension fund against a property insurance company that had previously settled with the US Securities and Exchange Commission on the matter.
Last week, the US District Court in Los Angeles agreed to dismiss the lawsuit from St. St. Lucie, Florida-based St. Lucie County Fire District Firefighters Pension Trust Fund v Santa Ana, California-based First American Financial Corp., which sued the insurance company for misconception of its security practices and controls to investors, according to the judgment in In re First American Financial Corp. Securities Litigation.
The company's CEO, CFO and information security manager were also called as defendants.
The verdict was first reported by D&O Diary .
On June 1
Last Wednesday, it was found that a flaw in the system used by First American led to a violation that led to access to more than 350,000 documents without permission, which began in June 2018 and continued for 11 months.
Judge Dale S. Fischer ruled on the Fund's claim that First American had failed to implement basic security standards and ignored its own information security policy.
That the board may have known of existing vulnerabilities "does not support" that its revealing statements were false or misleading, the ruling said.
The Board's General Discussion on Data Security Issues "does not show that First American was aware of existing compromised data or supported that disclosure statements were specific enough to be contradicted by public knowledge," the ruling said.
accused that statements on cybersecurity "are either untrue or unfavorable buffering" and that the fund "has not identified any facts to support the claim that defendant's statements about the infringement were false or misleading.
When the rejection proposal was granted, the judgment stated that an amended complaint must be submitted by 25 October.
Lawyers in the case did not respond to a request for comment.