ADT is subject to another class action lawsuit against a former employee caught spying on customers over a seven-year period.
The lawsuit says ADT is responsible for seven causes of action, including negligence; intrusion upon seclusion; negligent hiring, supervision and retention; intentional infliction of emotional distress; and privacy monitoring.
The former employee — Telesforo Aviles — added his personal email address to customer accounts during service visits, allowing him access to their systems, including video streams of security cameras, through the ADT mobile app. Aviles pleaded guilty to one count of fraud and related activity in connection with computers on Oct. 19, 2020.
ADT faced two class action lawsuits last year over the matter, which affected 220 accounts.
According to the latest complaint, multiple vulnerabilities in the ADT Pulse application allowed any one of its technicians to grant themselves access to a customer’s ADT Pulse application and control every aspect of the customer’s home security system, including opening locks, disarming their system, and viewing and downloading security camera footage.
“ADT failed to provide the security services its customers paid for by leaving large vulnerabilities in the ADT Pulse application and, as a result, compromised the safety and security of its customers’ homes and family members,” the complaint reads.
The complaint also says ADT’s marketing efforts “brag” that the company was leading the industry in establishing best practices for protection consumer privacy and limiting access to their data.
“While ADT boasts that it has been protecting people for over 145 years and holds itself out as the ‘#1 in smart home security’ it failed to even secure its own systems from massive and ongoing intrusions into its customers’ private lives,” the complaint reads.
Although unable to provide comment on this specific lawsuit, previous comment from ADT said it is reviewing all customer accounts until they are sure no one else’s privacy is at risk. In addition, the company has implemented technical and procedural solutions in an effort to prevent this from happening again.
The company contacted each of the 220 customers to resolve their concerns, which the complaint calls a “frantic effort to mitigate and hide the fact that the vulnerability in its supposedly industry-leading smart home security systems permitted an employee to spy on people in their homes.”
“Our customers trust ADT with their safety and protection,” the previous statement from ADT read. “We understand that this incident jeopardizes that trust and is entirely unacceptable. We will make extraordinary efforts to earn back that trust.”
The plaintiff, Randy Doty, is seeking class and sub-class certification; declaratory and injunctive relief; an award for damages, costs, and fees; pre and post judgment interest; and other further relief.