Jurimatic by Exlitem

Keenan & Associates Data Breach Settles for $14M

2 min read
Back to Home
in
Cybersecurity
2 min read

Keenan & Associates Data Breach Settles for $14M

S
Sohini Chakraborty
October 13, 2025
Keenan & Associates Data Breach Settles for $14M

Table of Contents

Case Background

Keenan and Associates, a major insurance brokerage and consulting firm operating across California, found itself at the center of a significant class action lawsuit after a crippling security lapse exposed the personal information of countless individuals. The legal action began quickly after the company publicly confirmed in late September 2023 that an unauthorized criminal party had penetrated and compromised its internal computer systems.

Cause

The direct cause of the litigation was a severe data breach that the Defendant, Keenan and Associates, had confirmed. The Plaintiffs’ Second Amended Complaint, the core legal document detailing the allegations, asserted that the firm had not adopted reasonable and necessary measures to secure its network, where it stored vast amounts of highly sensitive data. This lack of appropriate protection, the Plaintiffs insisted, fell far short of industry standards and directly violated the company’s implied promise to protect the private information that had been entrusted to its care. The Complaint charged that the failure to invest in robust security was a cost-saving measure that put profit ahead of privacy.

Injury

The security failure resulted in catastrophic exposure for those affected. The information accessed was extremely sensitive; it reportedly included individuals’ names, addresses, dates of birth, Social Security Numbers, and detailed medical or health insurance records. The Plaintiffs argued that this widespread exposure immediately placed them at risk. They had already sustained immediate financial injuries, which stemmed from out-of-pocket costs to mitigate the breach’s damage, as well as the significant, ongoing threat of identity theft. Furthermore, the Plaintiffs cited severe emotional distress and anxiety that came from knowing their most private records were now vulnerable to malicious actors.

Damages Sought

The Plaintiffs, representing a massive group of affected individuals, had sought significant legal and financial relief

Continue Reading This Article

Subscribe to access this article and our entire library of legal content.

Unlimited access to all articles
Expert legal analysis and insights
Downloadable resources and templates
Subscribe Now Login to Access

You've reached your free article limit for this month

Categories

Cybersecurity

Tags

Corporate Negligence
Class Action Litigation
Data Privacy Law

About the Author

SC
Sohini Chakraborty
Editor
Sohini Chakraborty is a law graduate, with over two years of experience in legal research and analysis. She specializes in working closely with expert witnesses, offering critical support in preparing legal research and detailed case studies. She delivers well-structured legal summaries.