Education Corporation of America (ECA), a significant player in the for-profit education sector, finds itself embroiled in legal proceedings following a data breach that exposed sensitive personal information. The incident, which targeted the records managed by Thompson Coburn LLP, led to the filing of a federal class action lawsuit, revealing the breach of privacy endured by individuals connected to the for-profit colleges under the ECA’s supervision. More details can be found here.
The lawsuit was lodged in the Northern District of Alabama by Jonathan Burdette, who serves as the lead plaintiff. Burdette accuses ECA of failing in its responsibilities under common law, contractual obligations, prevailing industry standards, and the mandates of the Federal Trade Commission Act. These failures, according to the plaintiff, consisted of inadequate data security practices and delayed notification to affected parties regarding the breach.
The leaked information reportedly included names and Social Security numbers of numerous individuals affiliated with ECA’s institutions. The case, docketed under No. 2:25-cv-00829, builds on the assertion that ECA’s negligence has caused a breach of trust and potential harm due to the compromised personal data. Legal professionals and entities interested in following the case can track it via the case docket (Bloomberg Law subscription required).
This lawsuit underscores the paramount importance of robust cybersecurity protocols, particularly concerning entities handling sensitive personal data. As the case progresses, it may set significant precedents for the standards and expectations of data security responsibilities among for-profit educational institutions and beyond.