Local

Pierce County Library accused of negligence in massive cyberattack, court filings show

By Shawn Garrett, KIRO 7 News
Author's Guild Asks Leaders Of Artificial Intelligence Companies To Stop Using Their Works To Train A.I. Models MIAMI, FLORIDA - JULY 19: Books line the shelves of one of the Miami-Dade Public libraries on July 19, 2023 in Miami, Florida. More than 8,500 authors have signed a letter submitted by the Authors Guild informing technology companies not to use their copyrighted work to train artificial intelligence systems unless those companies are willing to pay them for the usage. (Photo by Joe Raedle/Getty Images) (Joe Raedle/Getty Images)
By Shawn Garrett, KIRO 7 News

Two separate class-action lawsuits have been filed in Pierce County Superior Court after a massive data breach at the Pierce County Library System exposed the personal information of more than 335,000 Washington residents.

According to court filings, hackers gained unauthorized access to the library’s computer network between April 15 and April 21, 2025.

During that time, files were copied and stolen, including the names and dates of birth of hundreds of thousands of library patrons.

For current and former employees, additional information such as Social Security numbers, government ID numbers and addresses may also have been compromised.

The lawsuits allege the library failed to maintain adequate security protocols and delayed notifying victims.

The library completed its internal review of the breach in late May, but affected individuals were not mailed notices until July, more than two months after the intrusion.

Attorneys for the plaintiffs argue that the delay left patrons and staff vulnerable to fraud and identity theft.

Court documents show that one group of plaintiffs — Gwendolyn Bachmann, Kristye Gervais and Brett Higbee — say they began receiving a wave of scam calls, texts and emails after the breach.

Bachmann reported repeated attempts to use her debit card and ultimately froze her credit.

Gervais said the calls became so frequent she changed her phone number.

Higbee described spending hours monitoring accounts and dealing with unwanted solicitations.

A second complaint was filed the next day by plaintiffs Georgette Mills, a library patron, and Heather Lee, a longtime library employee.

Mills reported fraudulent messages about bogus toll fees, while Lee said she faced an influx of spam and devoted more than 20 hours trying to secure her financial accounts.

Both lawsuits emphasize that the breach has long-term consequences.

Attorneys argue that names, dates of birth and Social Security numbers are highly valuable on the dark web and can be misused for years.

One complaint notes that a cybercriminal group known as “Inc” posted nearly two terabytes of stolen files for sale on a hacker forum.

The library has offered victims one year of credit monitoring, but the suits call the measure inadequate.

Plaintiffs are seeking monetary damages and court-ordered reforms, including stronger security standards, encryption, and independent audits.

The Pierce County Library System, based in Tacoma, operates 20 branches serving 580,000 people.

©2025 Cox Media Group

0

Most Read