2 class action lawsuits filed: Library breach exposes over 335,000 WA residents’ data
Sep 9, 2025, 5:18 PM
A photo of members of a public library reading from a book. (Photo: Kai Schwoerer, Getty Images)
(Photo: Kai Schwoerer, Getty Images)
Two separate class action lawsuits have been filed following a massive data breach at the Pierce County Library System, which exposed more than 335,000 Washington residents’ personal information, according to KIRO 7.
Court filings detailed that the suspected hackers gained unauthorized access to the library’s computer network between April 15 and April 21.
The hackers copied and stole files from the servers, including the names and dates of birth of hundreds of thousands of library members.
RELATED STORIES
Lawsuits filed after Pierce County library data breach
Current and former library employees’ data may have been exposed as well, including Social Security numbers, government identification, and addresses.
The two lawsuits alleged that the library failed to maintain sufficient security protocols and delayed notifying the victims of the breach.
An internal review of the breach was conducted by the library in May. However, victims did not receive notices for more than two months after the data breach.
The plaintiffs’ attorneys argued the delay made library members and staff vulnerable to fraud and identity theft.
One group of plaintiffs, including Gwendolyn Bachmann, Kristye Gervais, and Brett Higbee, claimed they began to receive scam calls, emails, and texts after the library’s data breach.
Gervais said she changed her phone number due to the heavy traffic of scam calls she received. Bachmann claimed recurring attempts to use her debit card were made before it was frozen. Additionally, Higbee monitored his accounts for hours and dealt with solicitations.
Second complaint from plaintiffs
The following day, another complaint was filed by Georgette Mills and Heather Lee, a library employee.
Mills noted fraudulent messages about toll fees were received, and Lee claimed she spent more than 20 hours attempting to secure her accounts amid a plethora of spam messages.
The two lawsuits highlighted that the breach caused long-term consequences to the affected victims.
Attorneys in the case noted that vital information such as dates of birth and Social Security numbers can be highly valuable on the dark web.
A complaint mentioned that a cybercriminal group widely known as “Inc” listed approximately two terabytes of stolen information for sale on an online forum.
In response to the library’s data breach, it has offered victims one year of credit monitoring. However, the lawsuits note that the library’s efforts are not enough.
The plaintiffs seek monetary damages and court-ordered reforms, which include bolstered security standards, encryption, and independent audits, according to KIRO 7.
KIRO Newsradio has reached out to the Pierce County Library System for comment.
Follow Jason Sutich on X. Send news tips here.
