Defense and Compliance Attorneys
Source: site
Only the consumer cases against TransUnion will be grouped together in one federal proceeding; the broader Salesforce data breach lawsuits involving other companies will remain separate cases in different courts.
What the panel decided
Recent lawsuits over a series of social‑engineering attacks tied to Salesforce‑connected systems were considered for consolidation by the US Judicial Panel on Multidistrict Litigation (JPML). The panel concluded that, aside from TransUnion, the various cases involve distinct breaches with different facts and defendants, so they will not be combined into a single multidistrict litigation (MDL).
TransUnion cases will merge
TransUnion requested centralization of dozens of actions arising from the Salesforce‑linked breach that exposed data for about 4.46 million people. The JPML agreed and is sending the TransUnion data breach cases to the US District Court for the Northern District of Illinois, creating an MDL focused only on TransUnion’s incident.
Why Salesforce and others stay separate
The panel noted that most complaints either do not meaningfully involve Salesforce itself or do not allege a single common vulnerability in Salesforce’s platform across all breaches. It also cited concerns that combining actions involving competing Salesforce customers like Allianz and Farmers Insurance could heighten confidentiality and trade‑secret risks if discovery were centralized.
What this means for affected consumers
If notified about the TransUnion breach, affected individuals’ federal lawsuits are likely to proceed within the new Illinois MDL, streamlining pretrial rulings and discovery against TransUnion. People affected by other companies’ Salesforce‑linked breaches—such as Allianz or Farmers Insurance—will see those cases continue separately in the courts where they were filed.
Upcoming Events
