Might I have grounds for a lawsuit??

I’m the very antithesis of a litigious person, but something has just happened to me that makes me wonder if I have standing to punish a company for negligence.

I’m in the process of refinancing a couple of mortgages, consolidating debt, etc.

Without going in to deep detail, the mortgage company sent me a mortgage packet in the mail that contained correct loan paperwork for me and also contained a copy of a credit report - puportedly, the credit report upon which my loan paperwork is based.

The problem is that it isn’t MY credit report.

So, I now have in my possesion the most private and vital data of a couple in Washington state. I have long lists of their prior addresses, credit card numbers, loan numbers, telephone account numbers, SSN’s, etc.

In short, I have everything and more that an identity thief would need to steal these people’s lives. A complete credit history that goes back many years.

So, if I got someone else’s credit report, who the hell got mine? DID anyone else get mine? HOW MANY people have mine? The company couldn’t answer any of those questions and in fact, told me that this is a known problem with the software that they use to print out the mortgage packets.

Does a human being not double check these things before they go in the mail???

Tomorrow morning, I plan to contact a lawyer and the state attorney general’s office. I’m not sure if this is a criminal act of negligence or simply a civil issue, but I’m now scared to death that someone, WHO? has my personal private information out there someplace. The mortgage company doesn’t appear to be able to prove that someone doesn’t have it.

IANAL, so what do you think?

Nobody here should be giving out legal advice(call a lawyer!), but I will point out that you cannot at this point in time prove deliberate malice or harm towards yourself.

I’d say call a lawyer, too. I have no legal advice, and not even a clue if my guess might be remotely on target - but I’m also not convinced that “deliberate malice” applies to an accusation of negligence. It would seem to me…

Never mind, don’t even listen to me. Call a lawyer.

(If I were you I’d be ticked off too, though.)

Seems to me the people who have a lawsuit are the couple in Washington. Have you considered contacting them? (after all you have there home phone number :D) If they bring one, the ensuing investigation might turn up grounds for a lot of lawsuits.

But I think you might have a hard time on your own if you can’t prove you’ve been harmed directly.

Keeping in mind I get all my legal expertise from cop shows on television…

Listen to Czarcasm, but call a lawyer anyway.

Unless the credit report was sent to you as an attempt to cause harm, nothing illegal has been done. And because you suffered no harm at all, you have no legal standing to bring a lawsuit. You will most likely be directed to return the misdirected credit report to the mortgage company.

Isn’t there something called “due diligence” that would hold them accountable for making a minimal effort to keep confidential information out of the wrong hands? I’ve got as much law experience as Betenoir, but I say even if they don’t owe YOU anything, there has to be some sort of standard that’s been violated and they’d be reprimanded in some way. I mean, it’s not about the money…it’s the principle of the thing.

Watch your credit reports like a HAWK for the next few years, my friend.

Update - I spoke with the Attorney General’s offices in both Oregon and Washington today as well as with my legal firm.

The answers are, at best, murky. According to the AG’s offices and the attorneys, I may very well have grounds for a case - as would the couple in WA, as would anyone else this happened to. The suggestion was to attempt to form a class of people that this has happened to in order to file a class action suit. Oregon and Washington both have enacted some fairly strong privacy and disclosure laws recently and all of this is kind of an area of “new” law. Apparently, as I understood it from a LONG conversation with a banking industry examiner at the Washington AG’s office, under some of the new statutes, there is no longer any need to prove that actual harm has been done. Simply that negligent act of releasing the information may be sufficient to provide standing for a claim, assuming negligence can actually be proven. Basically, it comes down to the idea that with a person’s private information in the wrong hands, there is the potential for future harm that can’t be catergorized.

It’s interesting at least.

Anyway, I’m getting good legal advice from actual lawyers now and I’m gathering more information. I’ve been advised to file a report with the credit bureaus to get this on record in case nasty things begin showing up in my file and I’ve also been advised to take extra care to thoroughly check and track my personal credit info for the next 12 months or so.

It’s certainly getting spooky out there.

Anyone got a matress in which to keep money?