Menu
Tax Notes logo

Class Action Filed Against E-Filing Company Over Data Breach

APR. 20, 2015

Diaz v. Intuit Inc.

DATED APR. 20, 2015
DOCUMENT ATTRIBUTES
  • Case Name
    CHRISTINE DIAZ AND MICHELLE FUGATT, ON BEHALF OF THEMSELVES AND ALL OTHERS SIMILARLY SITUATED, Plaintiffs, v. INTUIT, INC., AND DOES 1 THROUGH 100, INCLUSIVE, Defendants.
  • Court
    United States District Court for the Northern District of California
  • Docket
    Case 5:15-cv-01778-PSG
  • Authors
    McCune, Richard D.
  • Institutional Authors
    McCune Wright LLP
  • Subject Area/Tax Topics
  • Jurisdictions
  • Language
    English
  • Tax Analysts Document Number
    Doc 2015-9735
  • Tax Analysts Electronic Citation
    2015 TNT 79-14

Diaz v. Intuit Inc.

[Editor's Note: To view the exhibit, please see page 29 of the PDF .]

 

IN THE UNITED STATES DISTRICT COURT

 

FOR THE NORTHERN DISTRICT OF CALIFORNIA

 

 

CLASS ACTION COMPLAINT

 

 

1. Violation of California Unfair Competition Law

 

(Cal. Bus. & Prof. Code § 17200);

 

 

2. Violation of California Customer Records Act

 

(Cal. Civ. Code §§ 1798.81.5, 1798.82);

 

 

3. Aiding and Abetting Fraud;

 

 

4. Negligent Enablement of Imposter Fraud;

 

 

5. Negligence;

 

 

6. Breach of Contract

 

 

DEMAND FOR JURY TRIAL

 

 

Steven W. Teppler (FL State Bar No. 14787)*

 

E-mail: steppler@abbottlawpa.com

 

ABBOTT LAW GROUP P.A.

 

2929 Plummer Cove Road

 

Jacksonville, FL 32223 Telephone:

 

(904) 292-1111

 

Facsimile: (904) 292-1220

 

 

Joel R. Rhine (NC State Bar No. 16028)*

 

E-Mail: jrr@rhinelawfirm.com

 

RHINE LAW FIRM, P.C.

 

1612 Military Cutoff Road, Ste. 300

 

Wilmington, NC 28403

 

Telephone: (910) 777-7651

 

Facsimile: (910) 772-9062

 

 

Attorneys for Plaintiffs and the Putative Classes

 

 

*Pro Hac Vice Applications to be submitted

 

PLAINTIFFS' CLASS ACTION COMPLAINT AND JURY DEMAND

 

 

Plaintiffs Christine Diaz and Michelle Fugatt (collectively, "Plaintiffs") bring this action against Defendant Intuit, Inc., (hereinafter "Defendant" or "Intuit") by and through their attorneys, individually and on behalf of all others similarly situated, and allege as follows:

 

INTRODUCTION

 

 

1. TurboTax is a tax preparation software, owned and manufactured by Intuit, that is utilized to file an estimated 30 million tax returns for American taxpayers every year when filing their income tax returns with both the United States Internal Revenue Service ("IRS") and individual states. TurboTax is designed to guide users through the process of filling out their tax returns. TurboTax customers may opt for premium services at an additional cost or they may use a free version.

2. TurboTax's software can be utilized through its website or installed directly on the customer's personal computer. Regardless of which version of TurboTax used by customers, they will be required to enter their most sensitive and personal information into TurboTax as is necessary for filing tax returns.

3. One of the main benefits of using TurboTax is the ability to electronically file tax returns. This not only results in convenience at the time of filing, but refunds for electronic filings are processed more quickly than for hard copy filings. Based on information and belief, Defendant is a participant in the IRS e-file program. To facilitate electronic filing, for a fee the customer submits her tax return for electronic filing through the TurboTax program. The tax return then is forwarded to Intuit's Electronic Filing Center where Intuit converts it to a standard format and transmits it to the applicable federal and/or state authority. In connection with e-filing for customers, Intuit is required to obtain and transmit the IP address of the computer from which the return originated.

4. Another benefit offered through TurboTax is the Refund Processing Service, in which the customer provides Intuit their bank account information, and TurboTax facilitates, through a third-party, direct deposit of a tax refund. Fees incurred in e-filing are taken directly from the bank account at the time of the refund rather than by the customer paying the fees up front to TurboTax. Additionally, Intuit offers its TurboTax customers the option to receive their tax refund on a Net Spend Premier Visa Prepaid debit card.

5. Businesses such as Intuit, which provide services online or through software that actively engage in collecting and storing personal data about customers have an affirmative duty to safeguard that information. In doing so, such businesses must be able to ensure their customers that their personal data is, and will remain, secure and private. When a corporation, such as Intuit keeps and stores highly private and sensitive information and data such as social security numbers, birth dates, residential addresses, email addresses, account numbers, and other financial information belonging to its customers, this duty becomes even more important. Intuit recognizes this obligation on its web site, in which it represents "All TurboTax platforms offer a secure, easy-to-use experience."1

6. The data collected and stored by tax preparation software and websites is among the most highly sensitive and personal information a person has to his or her name. When a tax preparation software company such as Intuit's TurboTax avails itself to a type of business that requires customers to entrust their most sensitive personal information, that company in turn, has a duty to maintain such sensitive data from compromise, theft, and fraud.

7. In addition, businesses such as Intuit must be diligent in recognizing fraud and abuse, reporting it to the IRS and others, and preventing the fraud by undertaking reasonable activities and safeguards that will prevent fraudulent returns. The Internal Revenue Service considers a "fraudulent return" to include a return in which the individual is attempting to file using someone else's name or Social Security number on the return. As such, Defendant owes a duty to non-customers who will be foreseeably damaged should these safeguards not be imposed and one of TurboTax's customers files a fraudulent return using that third-party's name and Social Security number. In light of the recent crises in data theft and fraudulent returns, this duty has become even more paramount and critical.

8. This is a class action lawsuit brought by Plaintiffs on behalf of themselves and two putative Classes consisting of identity theft victims, who were victimized when Defendant facilitated third party imposter tax fraud. In doing so, Defendant allowed cyber-criminals and fraudsters, who used the personal information and data maintained by Intuit's TurboTax to file thousands of fraudulent tax returns and convert billions of dollars from the U.S. government, and as result American taxpayers as such costs will eventually be passed onto them..

9. This action arises from Defendant's failure, despite its knowledge of the sudden increase in fraudulent tax filings and massive data breaches in recent years, to take commercially reasonable measures to protect identity theft victims by preventing cybercriminals from filing fraudulent tax returns in the victims' names.

10. On information and belief, Plaintiffs allege that TurboTax facilitated this third party tax fraud by failing to take necessary precautions in safeguarding its customer's most personal and sensitive information. Plaintiffs allege that Defendant's negligent mishandling of fraudulent tax filings facilitated the theft of billions of tax dollars by cybercriminals by allowing thousands of fraudulent tax returns to be filed through use of its software. Further, Plaintiffs and the Classes reasonably expected that TurboTax would implement the security measures necessary to safeguard its customers' most personal and sensitive information from theft and fraud and implement security measures to protect third party non-customers from fraudulent returns being filed in absence of reasonable safety precautions.

11. As such, Plaintiffs on behalf of themselves and others similarly situated allege that through its conduct Defendant violated California's Unfair Competition Law and California's Customer Records Act. Additionally, Plaintiffs assert causes of action for negligence and breach of contract. In bringing this class action, Plaintiffs and the Class seek damages, declaratory relief, restitution, injunctive relief and any other relief the Court may find just under the circumstances.

 

JURISDICTION

 

 

12. This Court has subject matter jurisdiction of this action pursuant to 28 U.S.C. § 1332 of the Class Action Fairness Act of 2005 because: (i) there are 100 or more class members, (ii) there is an aggregate amount in controversy exceeding $5,000,000, exclusive of interest and costs, and (iii) there is minimal diversity because at least one plaintiff and one defendant are citizens of different States. This court has supplemental jurisdiction over the state law claims pursuant to 28 U.S.C. § 1367.

13. Venue is proper in this judicial district because Defendant contracts with its customers that the exclusive jurisdiction and venue for federal court actions is in the Northern District of California. Further, pursuant to 28 U.S.C. § 1391, Defendant transacts business in this district, is subject to personal jurisdiction in this district, and therefore is deemed to be a citizen of this district. Additionally, Defendant's corporate headquarters are located within this district in Mountain View, California. Further, Defendant has advertised in this district and has also received substantial revenue and profits from its sales of tax preparation software in this district. Upon information and belief, a substantial portion of the Turbo Tax software application and information security policy development took place within this district in Mountain View, California. Therefore, a substantial part of the events and/or omissions giving rise to these claims occurred, in part, within this district.

14. This court has personal jurisdiction over Defendant because it has conducted substantial business in this judicial district, and intentionally and purposefully placed its tax preparation software into the stream of commerce within the districts of California and throughout the United States. Additionally, Defendant's corporate headquarters are located within the district in Mountain View, California.

 

PARTIES

 

 

15. Plaintiff Christine Diaz ("Plaintiff Diaz") is a citizen and resident of Avon, Ohio.

16. Plaintiff Michelle Fugatt ("Plaintiff Fugatt") is a citizen and resident of Athens, Alabama.

17. Defendant Intuit, Inc., is a corporation that is incorporated under the laws of the State of Delaware with its principal place of business in Mountain View, California.

18. The true names and capacities of the defendants sued herein as DOES 1 through 100, inclusive, are currently unknown to Plaintiffs, who therefore sues such defendants by such fictitious names. Each of the defendants designated herein as a DOE is legally responsible in some manner for the unlawful acts referred to herein. Plaintiffs will seek leave of Court to amend this complaint to reflect the true names and capacities of the defendants designated herein as DOES when such identities become known.

19. Based upon information and belief, Plaintiffs allege that at all times mentioned herein, each and every defendant was acting as an agent and/or employee of each of the other defendants, and at all times mentioned was acting within the course and scope of said agency and/or employment with the full knowledge, permission, and consent of each of the other defendants. In addition, each of the acts and/or omissions of each defendant alleged herein were made known to, and ratified by, each of the other defendants.

 

FACTUAL ALLEGATIONS

 

 

A. Background on Intuit and TurboTax

20. Intuit was originally incorporated in California in March 1984, and later reincorporated in Delaware and completed its initial public offering in March 1993.

21. According to recent filings with the SEC, Intuit "creates business and financial management solutions that help the business of life for small businesses, consumers, and accounting professionals. As such, Intuit's portfolio of flagship products and services include TurboTax, QuickBooks, Quicken, and Mint.

22. According to Intuit's 2014 Annual Report to the Securities Exchange Commission ("SEC"), by the end of its 2014 fiscal year the corporation had $4.5 billion in revenue and had approximately 8,000 employees in their major offices in the United States and abroad.

23. While originally developed in the mid-1980s by Chipsoft, in 1993 Intuit acquired TurboTax. As of today, Intuit continues to own and manufacture TurboTax, which has become one of the most widely used tax preparation software packages on the market. It has been estimated that approximately 29 million people used TurboTax last year to file their 2013 tax returns.

B. The Rise of Electronic Tax Filings

24. In recent years, the IRS has experienced a steady increase in the number of taxpayers who have opted to file their tax returns through electronic filing ("e-filing"). As such, the IRS announced that more than 122 million returns were e-filed during the 2013 tax year, a number which is expected to increase in the 2014 tax year. In fact, the IRS estimated that approximately 91 percent of all U.S. tax returns were prepared on computers using tax preparation software regardless of whether returns were prepared by individuals or prepared by tax return professionals.

25. Upon information and belief, Plaintiffs allege that Defendant controls over 60 percent of the self-preparation software market. While the precise number of taxpayers who prepare and file their tax returns through TurboTax is currently unknown to Plaintiffs and remains under Defendant's exclusive control, Plaintiffs allege that TurboTax is by far the leader in the tax preparation software market. As such, it has been estimated that while nearly 29 million customers used TurboTax for preparing their tax returns, each of its two closest competitors were purportedly used by only 7 million taxpayers in 2013.

C. Identity Theft Refund Fraud

26. According to data released by the Federal Trade Commission ("FTC") regarding consumer complaints, the FTC received 332,646 consumer complaints specifically reporting incidents of identity theft in 2014. In other words, the FTC received more consumer complaints regarding identity theft than it had received in any other consumer complaint category. In fact, the FTC received more consumer complaints regarding identity theft than it had for debt collection in 2014. Further, the largest portion of these identity theft complaints were specifically related to tax identity thefts. It has even been reported that tax identity theft is and has been the largest category of identity theft for the past five years.

27. While e-filing has made the chore of filing tax returns an easier and more expedient process, e-filing has also, unfortunately, made it much easier for cybercriminals to generate sham tax returns to obtain money, in the form of a tax refund, before the IRS detects the fraud. As such, identity theft refund fraud has become an increasingly lucrative business for cybercriminals in the digital age. Accordingly, IRS data reveal that almost two million suspected incidents of electronic tax fraud took place in 2013, which was a huge jump from the 500,000 suspected incidents in 2010.

28. According to a report on identity theft and tax fraud released by the Government Accountability Office ("GAO"), it is estimated that the IRS prevented approximately $24.2 billion in refunds secured through identity theft in 2013. However, the IRS also paid $5.8 billion in tax refunds that it later determined were filed fraudulently. In this report, the GAO acknowledged that because of the difficulties in knowing the true amount of undetected fraud, the actual amount could far exceed such estimates.

29. According to the GAO, identity theft refund fraud occurs when identity thieves use a legitimate taxpayer's identifying information to file a fraudulent tax return and then claim a refund. As such, it is on information and belief that Plaintiffs allege that identity theft refund fraud is the type of fraud that Defendant was intimately familiar with and facilitated by failing to take the steps necessary to safeguard Plaintiffs' and the Classes' sensitive personal information. Further, Defendant also facilitated identity theft refund fraud as it pertained to third party non-customers, in which it allowed fraudsters to create phony TurboTax accounts so as to file fraudulent tax filings in third party non-customers' names.

D. The Age of Massive Data Breaches

30. Defendant's failure to take the necessary steps to safeguard its customers' extremely sensitive personal data is even more troublesome in light of the recent surge in massive data breaches experienced by large corporations such as Home Depot, Chase Bank, Target, Sony, Premera Blue Cross, and Anthem Blue Cross. As the result of these massive data breaches, companies such as Intuit's TurboTax should have known that its customers' personal data was at an even greater risk of being stolen and used for fraudulent tax returns by cybercriminals.

31. Over the past year alone, millions of people have fallen prey to identity theft through massive data breaches at some of the nation's largest companies. The following are examples of the largest data breaches in recent times:

 

a. In September 2014, Home Depot, the world's largest home improvement chain, confirmed that a total of 56 million credit and debit cards were affected by a data breach;

b. In June and July 2014, JP Morgan Chase, the nation's largest bank by assets, confirmed that it had experienced a massive data breach that affected 76 million households and 7 million small businesses;

c. In early December 2014, Sony's system was hacked, resulting in the theft of 47,000 social security numbers, which subsequently appeared more than 1.1 million times on 601 publicly-posted files stolen by hackers;

d. In January 2014, it was revealed that Target Corporation's holiday data breach affected up to 70 million people, who had their names, mailing addresses, phone numbers, and email addresses stolen by hackers;

e. In January 2015, it was revealed that health insurance giant Premera Blue Cross experienced a data breach involving the personal data of approximately 80 million members across the country.

f. In February 2015, Anthem. Inc., the country's second largest health insurer, announced that its systems had been compromised in a massive data breach, in which a total of 78.8 million records were stolen, including 8.8 to 18.8 million records of non-customers.

 

32. Yet in light of the increase in massive data breaches in recent times, at the beginning of the tax season for 2014, Intuit failed to implement stricter cyber security measures. Based on information and belief, Plaintiffs allege that Defendant's failure to implement such measures allowed cybercriminals easier access to customers' personal data, which has resulted in an extreme 3,700 percent increase in fraudulent state tax refund filings during this tax season.

E. The 2015 Spike in Fraudulent E-Filings

33. In early February 2015, just as tax season began to get underway, Intuit announced that it had heard from a "small handful of states" that noticed an increase in suspicious tax filings. As such, Defendant was forced to halt TurboTax's transmission of state e-filing tax returns for approximately 24 hours on February 5, 2015.

34. On February 5, 2015, the same day Intuit suspended its transmission of state e-filed tax returns, more than 100 tax officials from approximately 19 states participated in a conference call organized by the Federation of Tax Administrators to discuss the recent surge in fraudulent tax filings.

35. Shortly thereafter, Utah tax officials announced that a total of 19 states had identified potential fraud issues. Alabama tax officials reported identifying as many as 16,000 suspicious tax returns through TurboTax, whereas Minnesota tax officials had stopped accepting individual tax returns transmitted through TurboTax. Massachusetts and Vermont officials announced that they had temporarily stopped issuing tax refunds in order to avoid issuing fraudulent tax refunds and to ensure that the refunds reached the proper recipient. Additionally, Utah tax officials announced that all potentially fraudulent tax returns identified in the state had been filed through TurboTax.

36. Despite security experts calling upon Intuit for years to enhance the security features of TurboTax by implementing a two-step authentication for customers, it was not until February 13, 2015, that the company actually implemented this very basic security measure. In fact, according to security experts, email and social media companies had already been utilizing a two-step authentication process for years when Intuit finally decided to do so more than a week after it was forced to suspend its state tax e-filing operations.

F. SEC Whistleblower Action: Intuit Prioritizes Profits Over Security Measures

37. Shortly after Defendant suspended its transmission of state e-filing tax returns, two former security employees of Intuit, one of which has filed an official whistleblower complaint with the SEC, reported that the company had made millions of dollars in knowingly processing state and federal tax refunds filed by cybercriminals.

38. The first former employee to publicly allege Intuit's mishandling of fraudulent tax filings was Robert Lee, a former security business partner at Intuit's consumer tax group, who left the company in July 2014. In interviews with certain media outlets, Lee alleged that he and his team at Intuit had developed a fraud model that would have assisted Intuit in quickly identifying accounts that were being used by fraudsters to commit massive amounts of identity theft refund fraud. As reported by the media, Mr. Lee stated that Intuit repeatedly refused to adopt basic cyber security policies that would have made it more difficult for fraudsters to use the company's software for tax refund fraud, such as blocking the re-use of the same Social Security number across a number of TurboTax accounts, or preventing the same account from filing more than a small number of tax returns. Further, Mr. Lee alleged that when he and his team found that millions of TurboTax accounts were used exclusively for filing fraudulent returns, Intuit management expressly forbade Lee's team from either flagging or turning off such TurboTax accounts. According to Mr. Lee, while Intuit used to be an industry leader in alerting the IRS with regular reports regarding suspicious tax filings, he alleges that Intuit eventually scaled back these reports after noticing that the overall number of fraudulent filings the IRS reported was not decreasing. Mr. Lee alleged that Intuit decided to scale back its reports when it noticed that fraudsters were taking their tax fraud business to TurboTax's competitors, which resulted in a decrease in the company's revenues. According to Mr. Lee, when Intuit stopped or delayed sending the IRS its fraud numbers, it noticed an increase in fraud but also realized an increase in revenues.

39. Additionally, Shane MacDougall, a former principal security engineer at Intuit, who had just recently resigned from the company in early February 2015, filed an official whistleblower complaint with the SEC. In doing so, Mr. MacDougall alleged that Intuit systematically prioritized profits over ethics when it came to its processing of fraudulent tax filings. According to Mr. MacDougall's SEC filing, he repeatedly raised issues with Intuit management and executives about trying to rectify ongoing tax fraud, but was continuously rebuffed and told that Intuit could not do anything that would "hurt the numbers."

G. On-Going Investigations

40. TurboTax's recent surge in fraudulent tax filings has given rise to both Federal Bureau of Investigation agents and IRS criminal investigators looking into the TurboTax incident to determine the extent of the fraud and how it was perpetrated. Additionally, the Senate Finance Committee has launched its own investigation into the recent surge in identity theft and tax fraud. As such, Committee investigators are currently interviewing tax preparation companies, state tax commissioners, and the two former Intuit employees that have publicly accused Intuit of failing to report, or delaying the reporting of, instances of identity theft tax fraud to the IRS. Further, in March 2015, Intuit announced that it had also received inquiries from the U.S. Department of Justice and the Federal Trade Commission regarding the sudden surge in fraudulent filings submitted through TurboTax.

 

THIS CLASS ACTION

 

 

41. In light of the above, this action arises from Defendant's failure to take commercially reasonable measures in protecting its customers' sensitive personal and financial data. As a leader in the tax preparation software market, assisting millions of American taxpayers in filing their tax returns, Intuit is in the business of maintaining its customers' most private of information. Accordingly, Intuit has an affirmative duty to take all reasonable measures in protecting customers' data and safeguarding it from cybercriminals.

42. Plaintiffs allege that Intuit failed to fulfill its legal duty to protect its customers' sensitive personal and financial information by allowing identity thieves to file thousands or even millions of fraudulent tax filings by using Plaintiffs' and the Classes' personal data as maintained by TurboTax. Additionally, Intuit also failed to detect and prevent identity compromise of third party non-customers by allowing identity thieves to file fraudulent tax returns through TurboTax.

43. On information and belief, Plaintiffs allege that TurboTax facilitated this third party tax fraud by failing to implement and then take necessary and adequate security precautions to safeguard its data and data security infrastructure, and to detect and prevent identity compromise for both customer and non-customer personal and sensitive information. Plaintiffs allege that Defendant's negligent mishandling of fraudulent tax filings facilitated the theft of billions of tax dollars by cybercriminals to file thousands of fraudulent tax returns through the use of its software.

44. On information and belief, Plaintiffs allege that Intuit knew or should have known that cybercriminals were routinely utilizing its software to file fraudulent tax filings in the names of its customer and non-customer identity theft victims.

45. Additionally, Plaintiffs allege that Intuit has failed to notify customers as to the fact that their personal information, as maintained by Intuit, had been used to file fraudulent tax returns. Further, Intuit also failed to notify non-customers as to the fact that their personal information had been improperly used to file fraudulent tax returns.

46. The recent history of cyber security breaches and warnings that are now ubiquitous as to the threat posed by data breaches have placed companies that maintain customers' personal and financial data on notice of their duty to safeguard such data from cybercriminals. Intuit's TurboTax, as the industry leader in tax preparation software, should have been among the first companies to implement top-of-the-line cyber security measures that exceed industry standards. Certainly that is what TurboTax customers expect of the company that provides the tax preparation software into which they input their personal information each year for the purpose of filing their taxes.

47. This expectation is supported by the agreement that Intuit entered into with customers. In a section entitled "Privacy and Use of Personal and Tax Return Information" in the Intuit Software End User License Agreement TurboTax Desktop Software-Tax Year 2010, Intuit stated:

 

"At Intuit we place the highest importance on respecting and protecting the privacy of our customers. Our most important asset is our relationship with you. We want you to feel comfortable and confident when using our products and services and with entrusting your personal and tax return information to us"

 

48. Unfortunately, Intuit's promises were not fulfilled by its conduct in failing to protect consumers' data from foreseeable and preventable breaches, or by preventing fraudulent tax filings on behalf of its customers through TurboTax. Contrary to its express representations that it keeps data, Intuit also failed to meet customers' reasonable expectations. Rather than protecting customers' personal and financial information by implementing stricter security measures, TurboTax has instead knowingly facilitated identity theft tax refund fraud by allowing cybercriminals easy access to its customers' most private information.

 

PLAINTIFFS' EXPERIENCES

 

 

A. Plaintiff Christine Diaz's Experience

49. In or about late 2010 or early 2011, Plaintiff Diaz purchased the right to use the online version of TurboTax's software in order to file her 2010 joint tax return with her husband. Subsequently, Plaintiff Diaz and her husband came to the conclusion that the online version was not robust enough to meet their tax filing needs. Thus, Plaintiff Diaz and her husband purchased from Intuit the right to download and use the desktop version of TurboTax in order to file her and her husband's 2010 joint tax return.

50. Plaintiff Diaz then provided to Intuit through the TurboTax software the personal information necessary to file her joint tax return through TurboTax, including both her and her husband's social security number, email address, residential address, telephone number, bank account information, date of birth, and other personal information.

51. In providing this highly important personal data to Intuit, Plaintiff Diaz had a reasonable expectation that Defendant would have in place reasonable and appropriate security measures to insure that her and her husband's personal data were secure.

52. In 2011, Plaintiff Diaz electronically filed her 2010 state of Ohio and federal tax returns through TurboTax.

53. In purchasing the right to use Defendant's tax preparer software to file tax returns through TurboTax, Plaintiff Diaz entered into an agreement with Intuit. Based on information and belief that agreement is the 2010 Tax year agreement attached as Exhibit 1. Included within that agreement are the following provisions:

 

a. that TurboTax imposes a limit of three State e-filings per each federal return;

b. that pursuant to IRS requirements, Intuit would notify the IRS of the IP address from which the return originated;

c. that Intuit places the highest importance on protecting the privacy of its customers, and that customers should feel comfortable and confident that their personal data is being protected by Intuit;

d. that the agreement would be governed by California law and applicable federal law; and

e. That any federal court filings would be filed in the Northern District of California.

 

54. Plaintiff Diaz has not utilized TurboTax since filing her joint tax returns in 2010.

55. In or about January 2015, Plaintiff Diaz learned that there had been fraudulent state tax filings purportedly on her behalf in Michigan, Missouri, Ohio, and Oklahoma, and a federal tax filing with the IRS.

56. In March 2015, approximately four years from the last time Plaintiff Diaz utilized TurboTax, Plaintiff received a bill from TurboTax for $242.75 for the purported e-filing of 2014 state tax returns in Michigan, Missouri, Ohio, and Oklahoma, and for filing a federal home and business tax return.

57. At the time that Plaintiff Diaz learned of the multiple fraudulent filings, she had not yet submitted her tax returns for 2014. In fact, Plaintiff Diaz has not entered any information into TurboTax's system since 2011.

58. Further investigation revealed that someone had fraudulently filed these tax returns purportedly on Plaintiff Diaz's behalf through TurboTax.

59. On March 29, 2015, Plaintiff Diaz's husband called TurboTax about the fraudulent filings through TurboTax. He was advised by Intuit only that the fraudulent filings were made on January 26, 2015. Intuit refused to give any more information. He was advised that someone from Intuit would be in contact with him, but as of the date of this filing, no one from Intuit has contacted him.

60. As a result of this fraud through TurboTax, Plaintiff Diaz and/or her husband have spent more than 30 hours dealing with the ramifications of this fraud. Further, because of this fraud, Plaintiff Diaz is no longer eligible for electronic filing of her tax returns. The result is that tax refunds will be delayed for a significant period of time.

61. Further, because Intuit permitted fraudsters' access to her account information through lax security controls in violation of its contract with users and its obligations to secure private and sensitive data, Plaintiff Diaz is at a heightened risk of further identity theft requiring her to pay indefinitely for on-going credit monitoring.

B. Plaintiff Michelle Fugatt's Experience

62. Plaintiff Michelle Fugatt has never been a customer of TurboTax. She has not at any time provided information to TurboTax or authorized it to file any tax returns on her behalf.

63. On or about March 3, 2015, Plaintiff Fugatt learned that a fraudulent federal tax return had been filed under her name, when she received a bill from Intuit seeking payment for using the TurboTax services to file the tax return. Plaintiff Fugatt had not yet filed her 2014 tax return.

64. Since learning of the fraud, Plaintiff Fugatt has had to spend considerable time dealing with the ramifications of the fraud. Further, because of this fraud, Plaintiff Fugatt is no longer eligible for electronic filing of her tax returns. The result is that tax refunds will be delayed for a significant period of time and the delay in payment will cause considerable hardship upon her. Further, the fraudulent return was for much greater income than should have properly been claimed for Plaintiff Fugatt, and there is a reasonable concern that this could cause her to lose eligibility for certain government programs.

65. Further, because of Intuit's actions, Plaintiff Fugatt is at a heightened risk of further identity theft requiring her to pay indefinitely for on-going credit monitoring.

 

CLASS ALLEGATIONS

 

 

66. Plaintiffs bring this action on their own behalf, and on behalf of the following Classes pursuant to Federal Rules of Civil Procedure, Rule 23(a), 23(b)(2), 23(b)(3), and 23(c)(4). Specifically, the Classes are defined as follows:

 

Fraudulent Tax Return Filing Class

 

 

(Represented by Class Representative Christine Diaz and Michelle Fugatt)

All consumers and businesses in the United States who were the victim of fraudulent tax returns filed in their name through TurboTax.

(This class may be divided into sub-classes of those Plaintiffs and class members who had previously utilized TurboTax services and those who had not. This class or sub-class may proceed as a national class or be divided into sub-classes for Plaintiffs and class members of individual states.)

Data Breach Victim Class

 

(Represented by Class Representative Christine Diaz)

 

 

All consumers and businesses in the United States whose data was provided to Intuit through TurboTax and, while that data was being held by Intuit, subsequently accessed by unauthorized persons.

(This class or sub-class may proceed as a national class or be divided into sub-classes for Plaintiffs and class members of individual states.)

 

67. Together, these Classes shall be referred to herein as the "Class." Excluded from the Class is Defendant, its affiliates, employees, officers and directors, persons or entities that purchased and utilized TurboTax services, as well as the Judge(s) assigned to this case. Plaintiffs reserve the right to modify, change, or expand the Class definition.

68. Numerosity: Upon information and belief, the Class is so numerous that joinder of all members is impracticable. While the exact number and identities of individual members of the Class are unknown at this time, such information being in the sole possession of Defendant and obtainable by Plaintiffs only through the discovery process, Plaintiffs believe, and on that basis allege, that thousands of fraudulent tax filings in Turbo Tax customers' names were generated through TurboTax and potentially millions of TurboTax's customers data has been accessed.

69. Existence and Predominance of Common Questions of Fact and Law: Common questions of law and fact exist as to all members of the Class. These questions predominate over the questions affecting individual Class members. These common legal and factual questions include, but are not limited to:

 

a. whether Defendant failed to reasonably securely store and protect customer data provided to them through the TurboTax software program;

b. whether TurboTax was systematically used to file fraudulent tax returns for Intuit's TurboTax customers;

c. whether Defendant failed to reasonably prevent fraudulent opening of account for class members for the purpose of fraudulently filing tax returns in the name of these class members;

d. whether TurboTax was systematically used to fraudulently open accounts for class members for the purpose of fraudulently filing tax returns in the name of these class members;

e. whether Intuit customers' private data was breached;

f. whether Defendant failed to notify customers as to fraudulent tax filings in their name;

g. whether Defendant's facilitation of third party fraud is common to all or some of the Class members;

h. whether Defendant knowingly failed to disclose the existence and cause of the surge in fraudulent tax filings for the 2014 tax season;

i. whether Defendant's conduct violated the causes of action herein alleged;

j. whether, as a result of Defendant's conduct in this case, Plaintiffs and members of the Class have suffered an ascertainable loss of monies and/or property and/or value; and

k. whether Plaintiffs and Class members are entitled to monetary damages and/or other remedies, and, if so, the nature of any such relief.

 

70. Typicality: All of Plaintiffs' claims are typical of the claims of the Class they seek to represent. Furthermore, Plaintiffs and all members of the Class sustained monetary and economic injuries including, but not limited to, ascertainable losses arising out of Defendant's wrongful conduct. Plaintiffs are advancing the same claims and legal theories on behalf of themselves and all absent Class members. California law is the governing law as called for in Intuit's contract with customers.

71. Adequacy: All Plaintiffs are adequate representatives because their interests do not conflict with the interests of the Class that they seek to represent, they have retained counsel competent and highly experienced in complex class action litigation, and they intend to prosecute this action vigorously. The interests of the Class will be fairly and adequately protected by Plaintiffs and their counsel.

72. Superiority: A class action is superior to all other available means of fair and efficient adjudication of the claims of Plaintiffs and members of the Class. The injury suffered by each individual Class member is relatively small in comparison to the burden and expense of individual prosecution of the complex and extensive litigation necessitated by Defendant's conduct. It would be virtually impossible for members of the Class individually to redress effectively the wrongs done to them. Even if the members of the Class could afford such individual litigation, the court system could not. Individualized litigation presents a potential for inconsistent or contradictory judgments. Individualized litigation increases the delay and expense to all parties, and to the court system, presented by the complex legal and factual issues of the case. By contrast, the class action device presents far fewer management difficulties, and provides the benefits of single adjudication, an economy of scale, and comprehensive supervision by a single court. Upon information and belief, members of the Class can be readily identified and notified based on, inter alia, Defendant's customer database and records of complaints.

73. Defendant has acted, and refused to act, on grounds generally applicable to the Class, thereby making appropriate final equitable relief with respect to the Class as a whole.

74. This action is properly maintained as a Class Action pursuant to Rule 23(b) of the Federal Rules of Civil Procedure, in that:

 

a. Without class certification and determination of declaratory, injunctive, statutory and other legal questions within the class format, prosecution of separate actions by individual members of the Class will create the risk of:

 

i. Inconsistent or varying adjudications with respect to individual members of the Class which would establish incompatible standards of conduct for the parties opposing the Class; or

ii. Adjudication with respect to individual members of the Class which would as a practical matter be dispositive of the interests of the other members not parties to the adjudication or substantially impair or impede their ability to protect their interests;

 

b. The parties opposing the Class have acted or refused to act on grounds generally applicable to each member of the Class, thereby making appropriate final injunctive or corresponding declaratory relief with respect to the Class as a whole; or

c. Common questions of law and fact exist as to the members of the Class and predominate over any questions affecting only individual members, and a Class Action is superior to other available methods of the fair and efficient adjudication of the controversy, including consideration of:

 

i. The interests of the members of the Class in individually controlling the prosecution or defense of separate actions;

ii. The extent and nature of any litigation concerning controversy already commenced by or against members of the Class;

iii. The desirability or undesirability of concentrating the litigation of the claims in the particular forum;

iv. The difficulties likely to be encountered in the management of a Class Action.

FIRST CAUSE OF ACTION

 

 

VIOLATION OF CALIFORNIA UNFAIR COMPETITION LAWS

 

 

(Cal. Bus. & Prof. Code § 17200)

 

 

(On Behalf of the Fraudulent Tax Return Filing Class and Data

 

Breach Victim Class)

 

 

75. Plaintiffs and the Class incorporate by reference each preceding and succeeding paragraph as though fully set forth at length herein.

76. California Unfair Competition Law ("UCL") prohibits acts of "unfair competition," including any "unlawful, unfair or fraudulent business act or practice" and "unfair, deceptive, untrue or misleading advertising." Cal. Bus. & Prof. Code § 17200.

77. Defendant has engaged in unfair competition and unfair, unlawful, or fraudulent business practices by the conduct described above, and by knowingly or carelessly failing to secure data, failing to adequately confirm the identifier of the person or business filing the tax return, and facilitating third party tax fraud, thereby increasing its revenues. Further, Defendant should have disclosed this information to affected customers because it was in a superior position to know the true facts related to the extent of the third party tax fraud being committed with the assistance of Intuit's TurboTax software. Additionally, Plaintiffs and Class members could not reasonably be expected to learn or discover the true facts related to Defendant's facilitation of third party tax fraud.

78. The sudden surge in fraudulent tax filings that took place during this year's tax season constitutes a cyber security issue that triggered Intuit's duty to disclose its cyber security and fraudulent filings issues to affected consumers.

79. These acts and practices have deceived Plaintiffs, and are likely to deceive the public, in terms of how secure their data is under Defendant's care. In failing to notify Plaintiffs and the Class members as to the fraudulent tax filings made in their names, Defendant breached its duty to disclose these facts, violated the UCL, and caused injuries to Plaintiffs and the Class members. Defendant's failure to notify affected customers as to the fraudulent filings made in their name and generated by TurboTax pertained to information that was material to Plaintiffs and Class members, as it would have been to all reasonable consumers.

80. The application of this California statute to customers outside the state of California is proper because the contract with customers dictates California law governs any disputes under the contract and that Intuit is a resident of California, and based on information and belief, all or a substantial number of the decisions leading to the claims by Intuit were made and carried out in the state of California.

81. The injuries suffered by Plaintiffs and the Class members are greatly outweighed by any potential countervailing benefit to consumers or to competition, nor are they injuries that Plaintiffs and the Class members could have reasonably avoided. Furthermore, to the extent Defendant has discretion in choosing and implementing security measures and providing notice of fraudulent conduct, it has not done so reasonably and in good faith.

82. Defendant's acts and practices are unlawful because they violate California Civil Code §§ 1798.81.5 and 1798.82, and other additional federal and state statutes and regulations.

83. Plaintiffs seek to enjoin further unlawful, unfair, and/or fraudulent acts or practices by Defendant, to obtain restitutionary disgorgement of all monies and revenues generated as a result of such practices, and all other relief allowed under California Business and Professions Code section 17200.

 

SECOND CAUSE OF ACTION

 

 

VIOLATION OF CALIFORNIA'S CUSTOMER RECORDS ACT (Cal. Civ.

 

Code §§ 1798.81.5, 1798.82)

 

 

(Data Breach Victim Class)

 

 

84. Plaintiffs and the Class incorporate by reference each preceding and succeeding paragraph as though fully set forth at length herein.

85. "[T]o ensure that personal information about California residents is protected," the California legislature enacted California Civil Code section 1798.81.5, which requires that any business that "owns or licenses personal information about a California resident shall implement and maintain reasonable security procedures and practices appropriate to the nature of the information, to protect the personal information from unauthorized access, destruction, use, modification, or disclosure."

86. By failing to implement reasonable measures to protect its customer's personal data, Intuit violated California Civil Code section 1798.81.5.

87. Additionally, by failing to promptly notify all affected TurboTax customers that fraudsters had used TurboTax to file fraudulent tax returns in the customer's name, Intuit violated California Civil Code section 1798.82 of the same title.

88. By violating California Civil Code sections 1798.81.5 and 1798.82, Intuit "may be enjoined" under Civil Code section 1798.84(e).

89. Additionally, Intuit's violations of California Civil Code section 1798.81.5 and 1798.82 constitute an unlawful act or practice under California's Unfair Competition Law ("UCL"), Cal. Bus. & Prof. Code § 17200 et seq., which affords the Court discretion to enter whatever orders it concludes is necessary to prevent future unlawful acts or practices.

90. Accordingly, Plaintiffs request that the Court enter an injunction requiring Intuit to implement and maintain reasonable security measures, including, but not limited to, ordering that Intuit: (1) utilize strong industry encryption algorithms; (2) implement the same two-step authentication process that email and social networking companies have implemented for years; (3) return to its previous practice of flagging and reporting fraudulent tax filings to the IRS in a timely manner; (4) engage in third party security audits/tests as well as internal security personnel to conduct testing, including simulated attacks, penetration tests, and audits on TurboTax's systems periodically, consistent with industry standard practices; (5) engage third party security auditors and internal security personnel to run automated security monitoring, consistent with industry standard practices; (6) audit, test, and train its security personnel regarding any new or modified procedures; (7) conduct regular database scanning and security checks, consistent with industry standard practices; (8) periodically conduct internal training and education to inform internal security personnel how to identify and contain a data breach when/if one occurs and what to do in response to a potential data breach, consistent with industry standard practices; and (9) disclose to affected customers the date, data, and circumstances of any data that was accessed and/or utilized by unauthorized persons.

91. Further, Plaintiffs request that the Court require Intuit to identify and notify all members of the Nationwide and Contract Classes within 24 hours of Intuit discovering that their personal information has been compromised by cybercriminals.

 

THIRD CAUSE OF ACTION

 

 

AIDING AND ABETTING FRAUD

 

 

(On Behalf of the Fraudulent Tax Return Filing Class and Data

 

Breach Victim Class)

 

 

92. Plaintiffs and the Class incorporate by reference each preceding and succeeding paragraph as though fully set forth at length herein.

93. Plaintiffs bring this action for aiding and abetting under the common law rule for imposing liability based on aiding and abetting, which has been adopted by California courts.

94. On information and belief, Plaintiffs allege that Intuit had actual knowledge that fraudsters were repeatedly filing fraudulent tax returns in TurboTax customers' and non-customers' names that were then filed by fraudsters using TurboTax.

95. On information and belief, Defendant knew that there was a great possibility that tax fraudsters would use TurboTax customers' personal information obtained through Intuit or from other sources to file fraudulent tax returns through TurboTax.

96. Further, Defendant substantially aided and assisted in the fraudulent filing of tax returns by failing to implement appropriate procedures to prevent the fraudulent filing of false tax returns by the use of Turbo Tax software and to ensure that the person filing tax returns with Turbo Tax software is actually that person and not an imposter.

97. On information and belief, Plaintiffs allege that Defendant substantially aided and assisted the perpetrators of fraudulent tax return filings by failing to employ commercially reasonable means of verifying that the person filing taxes through a TurboTax account is indeed that person and not an imposter.

98. Additionally, Defendant substantially aided and assisted the fraudsters by transmitting the fraudulent tax returns in Plaintiffs' and Class members' names to the IRS.

99. Finally, rather than timely notifying the IRS and the affected TurboTax customer as to the fraudulent filings transmitted through TurboTax, Defendant substantially aided and assisted the perpetrators of the imposter fraud by failing or delaying to flag such fraudulent filings.

100. As a result of Defendant's breach, Plaintiffs and the Classes have suffered harm, as they have been exposed to identity theft and tax fraud, and seek relief as prayed for below.

 

FOURTH CAUSE OF ACTION

 

 

NEGLIGENT ENABLEMENT OF THIRD PARTY IMPOSTER FRAUD

 

 

(Fraudulent Tax Return Filing Class)

 

 

101. Plaintiffs and the Class incorporate by reference each preceding and succeeding paragraph as though fully set forth at length herein.

102. On information and belief, Plaintiffs allege that Intuit knew or should have known that fraudsters were repeatedly filing fraudulent tax returns in TurboTax customers' names that were then filed by fraudsters using TurboTax.

103. At all times, Defendant knew or should have know that there was a great possibility that tax fraudsters would use TurboTax customers' personal information obtained through Intuit or from other sources to file fraudulent tax returns through TurboTax.

104. Further, Defendant owed a duty of reasonable care to the person in whose name and identity a TurboTax account is opened and maintained to ensure that the person using that account to file tax returns is actually that person and not an imposter.

105. On information and belief, Plaintiffs allege that Intuit failed in its duty to employ commercially reasonable means of verifying that the person filing taxes through a TurboTax account is indeed that person and not an imposter.

106. Additionally, Defendant had an affirmative duty not to transmit fraudulent tax returns in Plaintiffs' and Class members' names to the IRS. Rather than notifying the IRS and the affected TurboTax customer as to the fraudulent filings transmitted through TurboTax, Defendant negligently enabled the imposter fraud by failing or delaying to flag such fraudulent filings.

107. As a result of Defendant's breach, Plaintiffs and the Classes have suffered harm, as they have been exposed to identity theft and tax fraud, and seek relief as prayed for below.

 

FIFTH CAUSE OF ACTION

 

 

NEGLIGENCE

 

 

(On Behalf of the Fraudulent Tax Return Filing Class and Data

 

Breach Victim Class)

 

 

108. Plaintiffs and the Class incorporate by reference each preceding and succeeding paragraph as though fully set forth at length herein.

109. Plaintiffs bring this Claim on behalf of the Nationwide Class under California law.

110. Defendant required Plaintiffs and the Class members to submit sensitive personal and financial information in order to use TurboTax for tax filing purposes. As such, Defendant was actively engaged in the business of collecting, storing and maintaining such data.

111. Plaintiffs allege that Defendant assumed a duty of care to use reasonable means to secure and safeguard this personal and financial information, to prevent use of that information by third party fraudsters and cybercriminals, and to safeguard such information from being stolen. Included in Intuit's duty was a responsibility to implement a process by which it could detect a breach of its security systems and any fraudulent filings in a reasonably expeditious period of time.

112. Intuit breached its duty of care by failing to fulfill its legal duty to protect its customers' sensitive personal and financial information by allowing identity thieves to file thousands or even millions of fraudulent tax filings by using Plaintiffs' and the Classes' personal data as maintained by TurboTax. Additionally, Intuit breached its duty of care by failing to detect and prevent identity compromise of third party non-customers by allowing identity thieves to file fraudulent tax returns through TurboTax.

113. Given the risks associated with data breaches and identity theft, Intuit also assumed a duty of care to promptly and fully notify and inform its customers should their personal information be compromised or if any fraudulent filings were made in their name through a fraudster's use of TurboTax.

114. By failing to implement the proper cyber security measures to ensure that Plaintiffs' and Class members' personal and financial data was safeguarded from fraudsters and cybercriminals, Intuit breached its duty of care.

115. As a result of Defendant's breach, Plaintiffs and the Classes have suffered harm, as they have been exposed to identity theft and tax fraud, and seek relief as prayed for below.

 

SIXTH CAUSE OF ACTION

 

BREACH OF CONTRACT

 

 

(On Behalf of the Data Breach Victim Class and the Fraudulent

 

Tax Return Class)

 

 

116. Plaintiffs and the Class incorporate by reference each preceding and succeeding paragraph as though fully set forth at length herein.

117. Plaintiffs bring this action for breach of contract under California law, pursuant to the choice of law provision set forth in Intuit's contract with all of its customers.

118. As such, Plaintiffs acknowledge that this breach of contract claim would not apply to those members of the Fraudulent Tax Return Class, who as non-customers did not enter into a customer agreement with Intuit's TurboTax. However, if the Fraudulent Tax Return Class is later divided into sub-classes, then Plaintiff's breach of contract claim would apply to the sub-class comprised of Class members who are currently or were TurboTax customers.

119. Defendant entered into written contracts with Plaintiffs and the Class in which it agreed to: (1) impose a limit of three state e-files per every one federal return; and (2) protect the data provided it to by the customer.

120. Additionally, as part of its written agreement with Plaintiffs and the Classes, Intuit stated, "We want you to feel comfortable and confident when using our products and services and with entrusting your personal and tax return information with us." However, as Defendant's conduct described above illustrates, Defendant failed to act in accordance with this express contractual term as it continuously facilitated third party tax fraud to be committed without flagging such filings to the IRS or state tax agencies. In doing so, Defendant placed its own profits above the security of its customers' most sensitive personal and financial data.

121. Additionally, there is an implied covenant of good faith and fair dealing regarding contractual obligations Intuit made to its customers who had entered contracts with it, that there data would be secure and that Intuit would take reasonable and good faith measures to protect customers from fraudsters using TurboTax to file fraudulent tax returns in the name of customers.

122. As such, Defendant breached its express and implied contractual obligations by failing to safeguard the personal and financial information of Plaintiffs and the Classes; by failing to prevent the fraudulent filing of tax returns; and by failing to timely notify customers that their personal and financial information had been compromised by fraudsters.

123. Meanwhile, Plaintiffs and the Class members have performed all conditions, covenants, and promises required by each of them on their part to be performed in accordance with the terms and conditions of the contract.

124. As a direct and proximate result of Intuit's breach of express terms and implied covenants of the contract, Plaintiffs and the Class members have been injured and damaged in an amount to be proven at trial, which shall include, but is not limited to all compensatory damages, incidental and consequential damages, and other damages allowed by law.

 

PRAYER FOR RELIEF

 

 

WHEREFORE, Plaintiffs, on behalf of themselves and members of the Classes, respectfully requests that this Court:

 

A. determine that the claims alleged herein may be maintained as a class action under Rule 23 of the Federal Rules of Civil Procedure, and issue an order certifying one or more Classes as defined above;

B. appoint Plaintiffs as the representatives of the Classes and their counsel as Class counsel;

C. award all actual, general, special, incidental, statutory, equitable, punitive, and consequential damages and restitution to which Plaintiffs and the Class members are entitled;

D. award pre-judgment and post-judgment interest on such monetary relief;

E. grant appropriate injunctive and/or declaratory relief, including, without limitation, an order that requires Defendant to implement stricter cyber security measures that will adequately safeguard customer's most sensitive personal and financial data moving forward;

F. award reasonable attorneys' fees and costs, pursuant to the customer agreement, California Civil Procedure § 1021.5, California Civil Code § 1798.84(g), and other relevant statutes; and

G. grant such further relief that this Court deems appropriate.

 

Dated: April 20, 2015
Respectfully submitted,

 

 

By: Richard D. McCune

 

Attorneys for Plaintiffs and

 

Putative Classes

 

McCunewright LLP

 

JURY DEMAND

 

 

Plaintiffs, on behalf of themselves and the putative Classes, demand a trial by jury on all issues so triable.

Dated: April 20, 2015

By: Richard D. McCune

 

Attorneys for Plaintiffs and

 

Putative Classes

 

McCunewright LLP

 

FOOTNOTE

 

 

1See https://turbotax.intuit.com/ last viewed 2015-04-19.

 

END OF FOOTNOTE
DOCUMENT ATTRIBUTES
  • Case Name
    CHRISTINE DIAZ AND MICHELLE FUGATT, ON BEHALF OF THEMSELVES AND ALL OTHERS SIMILARLY SITUATED, Plaintiffs, v. INTUIT, INC., AND DOES 1 THROUGH 100, INCLUSIVE, Defendants.
  • Court
    United States District Court for the Northern District of California
  • Docket
    Case 5:15-cv-01778-PSG
  • Authors
    McCune, Richard D.
  • Institutional Authors
    McCune Wright LLP
  • Subject Area/Tax Topics
  • Jurisdictions
  • Language
    English
  • Tax Analysts Document Number
    Doc 2015-9735
  • Tax Analysts Electronic Citation
    2015 TNT 79-14
Copy RID