On October 19, 2021, a federal trial court in South Carolina ruled that a group of consumers could proceed with common law negligence and gross negligence claims directly against their organizations’ vendor that had been the victim of a security breach—instead of suing the organizations of which they were customers.  In re Blackbaud, Inc. Customer Data Breach Litigation, Case No.: 3:20-mn-02972-JMC, MDL No. 2972 (D.S.C. Oct. 19, 2021).  The court therefore denied the vendor’s motion to dismiss these counts in the plaintiff’s complaint, although it did grant the motion to dismiss for the plaintiff’s negligence per se and unjust enrichment claims.