CONSUMER WARNING ABOUT BOSLEY HAIR CLINICS AND BOSLEY.COM WEBSITE
Complaint / Answer
Sample Settlement Notice
Bosley Data Breach Class Action Lawsuit Information
Update: The lawsuit has been settled with Bosley paying out $500,000 to the Class Members (11/22/2022)
Details: A class action lawsuit was brought by former Bosley clients who say it failed to properly protect their Personally Identifiable Information (PII) from being taken during a cyber attack, then concealed the data breach for months because it was afraid it would hurt its business.
Customers' information that was potentially stolen includes names, addresses, DOBs, Social Security numbers, driver’s license numbers, financial account and credit card numbers, medical and health insurance information.
* Ken Hashemi et al v. Bosley, Inc., U.S. District Court for the Central District of California, Case number 2:21-cv-00946
You can also visit bosleysettlement.com for more about the case.
BOSLEY DATA BREACH
Important notice for consumers, customers, patients:
Your personal and financial information may have been stolen during a cyber attack.
The Bosley database was hacked on August 17, 2020 and more than 100,000 people could be affected
Bosley says it sent notices to 100,839 individuals between January and February of 2021 indicating their critical personal information may have been taken as a result of malware infecting its computers.
The information that was potentially accessed includes names, addresses, DOB, Social Security numbers, driver’s license numbers, financial account and credit card numbers, medical and health insurance information.
Bosley learned about the breach on September 24, 2020 but did not explain why it waited over four months to notify people. The notification recommends monitoring accounts for illegal activity and describes how to set up fraud alerts and security freezes with credit reporting agencies to make it more difficult for identity thieves to open new accounts in the individual's name.
A class action lawsuit has been brought by several former clients regarding this incident (see right).
Read the entire Notice of Data Breach at the State of California
CLASS ACTION LAWSUIT
Ken Hashemi et al v. Bosley, Inc
The United States District Court for the Central District of California, case #2:21-cv-00946
The lawsuit alleges that Bosley failed to implement standard security measures that would have prevented the Data Breach and then concealed the incident from the public for several months.
This resulted in the lost or diminished value of customers' Personally Identifiable Information (PII) and a heightened risk of identity theft for the lifetimes of the Plaintiffs and Class Members.
If your personal information was in Bosley's computer system and you received a notice of data breach you may be affected by the outcome of this case.
Plaintiffs Allegations in the Complaint: (Plaintiffs are six former Bosley clients. Complaint was filed 02/01/21)
Defendant Bosley's Answer to the Complaint:
Are you a Settlement Class Member? If you are a former Bosley customer you may be one of over 100,000 people who are part of the Settlement Class. The “Settlement Class” means all persons residing in the United States whose PII was potentially compromised in the Data Incident first announced by Bosley on or about January 26, 2021.
Will Members need to do anything? Members will need to act if they want to claim benefits or if they want to hold on to their legal rights. If they do nothing they will lose both. See the Member Options below.
The Settlement offers the Class three types
of monetary relief capped at a maximum of $500,000 for the entire
100,000+ member Class.
Anyone who files a claim (or does nothing) will be bound by the terms of the settlement and end Bosley's responsibility toward them regarding the data breach.
People who want to retain their legal rights and ability to participate in another lawsuit against Bosley regarding these issues must exclude themselves by opting out, see right.
Terms and benefits of the settlement will be subject to a final settlement approval hearing.
The aggregate cap could lessen what a Member gets in the settlement. Their reimbursement payment might be less than what they claimed. Similarly, the California statutory damages award is subject to a reduction on a pro rata basis if the claims made exceeds the funds available.
A Federal Trade Commission Study of 149 consumer class actions found a median claims rate of 9%. If applied to this settlement the average payment could be about $55 ($500,000 in valid claims divided by 9,000 people).
Each class action is unique and there is no way to tell what the actual numbers will be until after the claims deadline.
Class Members have four options:
The Claims Administrator
The claims administrator is CPT Group. Official settlement information and instructions can be found at bosleysettlement.com. It has links to important documents in English and Spanish including the Settlement itself, the claim forms, and other relevant court filings. CPT has a 24/7 toll-free phone line with a live operator available to answer any Class Member questions.
Disclaimer: Information on this page comes from documents on file with the court. It does not contain every detail and aspect of the case. It is not a substitute for professional legal advice. This litigation is ongoing and details and terms may change or be modified by the court.
Fairness in Reporting: The companies mentioned have been given the opportunity to correct any inaccuracies.