Pasco Systems Corp. v. B2, LLC, d/b/a Virtual IT

CourtDistrict Court, D. Nebraska
DecidedJune 4, 2026
Docket8:25-cv-00612
StatusUnknown

This text of Pasco Systems Corp. v. B2, LLC, d/b/a Virtual IT (Pasco Systems Corp. v. B2, LLC, d/b/a Virtual IT) is published on Counsel Stack Legal Research, covering District Court, D. Nebraska primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.

Bluebook
Pasco Systems Corp. v. B2, LLC, d/b/a Virtual IT, (D. Neb. 2026).

Opinion

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEBRASKA

PASCO SYSTEMS CORP.,

Plaintiff, 8:25CV612

vs. MEMORANDUM AND ORDER ON DEFENDANT’S MOTION FOR PARTIAL B2, LLC, d/b/a/ VIRTUAL IT, DISMISSAL

Defendant.

This matter is before the Court on Defendant B2, LLC’s, d/b/a Virtual IT’s (Virtual IT’s), Amended Partial Motion to Dismiss, Filing 24, seeking dismissal of Plaintiff Pasco Systems Corporation’s (Pasco’s) claims for negligence, breach of fiduciary duty, fraudulent misrepresentation, and breach of express and implied warranties pursuant to Federal Rule of Civil Procedure 12(b)(6). Filing 24. The motion does not seek dismissal of Pasco’s breach of contract claim. Filing 24. For the reasons stated below, the Court grants in part and denies in part Virtual IT’s Motion for Partial Dismissal. The Court grants the motion with respect to Pasco’s claims for breach of fiduciary duty, fraudulent misrepresentation, and breach of express and implied warranties. The Court denies the motion with respect to Pasco’s negligence claim. 1 I. INTRODUCTION A. Factual Background For the purposes of this motion, the Court considers the following allegations from the Complaint as true to the extent that they are nonconclusory. See Bauer v. AGA Serv. Co., 25 F.4th 587, 589 (8th Cir. 2022) (quoting Pietoso, Inc. v. Republic Servs., Inc., 4 F.4th 620, 622 (8th Cir. 2021)). The Court also considers “materials necessarily embraced by the pleadings, including exhibits attached to the complaint and matters of public record.” LeMay v. Mays, 18 F.4th 283, 289 (8th Cir. 2021) (internal quotation marks and citations omitted). The Information Technology

Support Agreement (the Agreement), the Executive Summary of the Charles River Associates investigation, and Virtual IT marketing materials were attached to the First Amended Complaint (Amended Complaint) as Exhibits A–C. Filing 20-1. The following factual background is therefore drawn from the Amended Complaint and the attached exhibits. According to the Amended Complaint, “Pasco is an engineering, systems integration, and manufacturing company.” Filing 20 at 2 (¶ 2). Virtual IT is “a Managed Security Services Provider (MSSP) in the business of providing outsourced IT services, including installation and management of IT security equipment, software, data backup, and cybersecurity monitoring.” Filing 20 at 2 (¶ 3); Filing 20-1 at 2. “In August 2019, Pasco and [Virtual IT] entered into [the Agreement].” Filing 20 at 2 (¶ 5); Filing 20-1 (the Agreement).

“Under the Agreement, [Virtual IT] agreed to provide comprehensive IT services and security management for Pasco’s business. [Virtual IT] was responsible for, inter alia, maintaining Pasco’s computer systems, implementing cybersecurity measures, and managing data backup and recovery solutions for Pasco.” Filing 20 at 2–3 (¶ 5); see Filing 20-1. The Agreement provides, 2 Virtual IT must take reasonable technical and organizational measures to keep Customer Data secure and to protect it against accidental loss or unlawful destruction, alteration, disclosure or access; and, must deal with the information only in accordance with Customer’s instructions, provided they are reasonable and lawful. Virtual IT will comply with any reasonable information security policy requested by Customer. Filing 20-1 at 9. The Agreement further provides that “Virtual IT must back up Customer Data in accordance with Backup and Disaster Recovery (BDR) services described in the Documentation.” Filing 20-1 at 9. The Agreement also states that “Virtual IT warrants that (i) the Work Product will substantially conform to the Project Plan; and not contain any material errors; and (ii) the Professional Services will be performed with reasonable skill, care and diligence. The remedies set out in this Section 5 are Customer’s exclusive remedies for breach of either warranty.” Filing 20-1 at 9. Virtual IT was allegedly entrusted “with broad access to and control over [Pasco’s] network. [Virtual IT] was given administrator-level credentials for Pasco’s systems and was solely responsible for configuring security measures, monitoring the network for threats, and ensuring data backups were properly maintained and secure.” Filing 20 at 4 (¶ 12). According to Pasco, [Virtual IT] implemented a data backup regimen for Pasco. This included on-site backup storage at Pasco’s facilities and off-site backup storage at two geographically separate locations, one of which was at [Virtual IT’s] Omaha, Nebraska facility. [Virtual IT] was responsible for configuring and managing these backups so that, in the event of any system failure or cyber incident, Pasco’s data could be quickly restored. Filing 20 at 4–5 (¶ 13). Pasco further alleges, however, that “[u]nbeknownst to Pasco, [Virtual IT’s] configuration of the backup system left Pasco dangerously vulnerable: the backup files were not set to ‘read-only’ or otherwise protected from deletion by unauthorized users.” Filing 20 at 5. 3 Pasco alleges that “[i]n 2021, on [Virtual IT’s] recommendation, Pasco procured from Defendant Sophos Managed Detection and Response (MDR) and Endpoint Detection and Response (EDR) cybersecurity services, which [Virtual IT] installed and managed on Pasco’s Behalf.” Filing 20 at 3 (¶ 8). According to Pasco, “[Virtual IT] represented that this advanced security solution would detect and alert any unusual or malicious activity on Pasco’s network in real time, thereby protecting Pasco’s critical systems” and that “Pasco relied on [Virtual IT’s] expertise in selecting and managing this security system.” Filing 20 at 3 (¶¶ 8–9).

According to the Amended Complaint, “[o]n or about January 22, 2025, Pasco’s IT network was breached by the Threat Actor.” Filing 20 at 5 (¶ 15). The Threat Actor is alleged to be a “ransomware attacker” that “use[d] the network administrator credentials of [Virtual IT] to gain unfettered access to Pasco’s network.” Filing 20 at 1 at (¶ 1), 5 (¶ 15). “Once inside with administrator privileges, the Threat Actor [allegedly] made global changes to access policies and delivered a malware payload throughout the system.” Filing 20 at 5 (¶ 15). “[T]he Threat Actor [allegedly] gained access to Pasco’s backup files both on-site and off-site and deleted those backups.” Filing 20 at 5 (¶ 15). According to the Amended Complaint, [T]he Threat Actor executed ransomware that encrypted Pasco’s primary server, which housed Pasco’s Active Directory, engineering drawings, project files, and customer records. The Threat Actor exfiltrated an unknown quantity of Pasco’s proprietary data and left a ransom note on the server demanding payment of $743,000, effectively locking Pasco out of its own critical data. Filing 20 at 5 (¶ 15). According to the Amended Complaint, “Pasco did not pay the ransomware demand.” Filing 20 at 9 (¶ 27). According to the Amended Complaint, “[d]espite [Virtual IT’s] deployment of Sophos MDR . . . the ransomware attack was not halted in time. No effective warning or intervention by 4 [Virtual IT] occurred until the damage was done.” Filing 20 at 6 (¶ 16). According to Pasco, “Sophos did register a ransomware event on one of Pasco’s work stations in the early morning of January 25, 2025 – Sophos blocked malware activity at 3:57 AM and quarantined a machine – but that machine was released from quarantine by 11:57 AM the same day without further action.” Filing 20 at 6 (¶ 16).

Free access — add to your briefcase to read the full text and ask questions with AI

Related

Ashcroft v. Iqbal
556 U.S. 662 (Supreme Court, 2009)
Ashley County, Ark. v. Pfizer, Inc.
552 F.3d 659 (Eighth Circuit, 2009)
Cao v. Huan Nguyen
607 N.W.2d 528 (Nebraska Supreme Court, 2000)
DeSciose v. Chiles, Heider & Co., Inc.
476 N.W.2d 200 (Nebraska Supreme Court, 1991)
Wilke v. Woodhouse Ford, Inc.
774 N.W.2d 370 (Nebraska Supreme Court, 2009)
Schaneman v. Schaneman
291 N.W.2d 412 (Nebraska Supreme Court, 1980)
Aw v. Lancaster County School Dist. 0001
784 N.W.2d 907 (Nebraska Supreme Court, 2010)
Herman v. Bonanza Buildings, Inc.
390 N.W.2d 536 (Nebraska Supreme Court, 1986)
Gibb v. Citicorp Mortgage, Inc.
518 N.W.2d 910 (Nebraska Supreme Court, 1994)
John Deere Co. v. Hand
319 N.W.2d 434 (Nebraska Supreme Court, 1982)
Outlook Windows Partnership v. York International Corp.
112 F. Supp. 2d 877 (D. Nebraska, 2000)
William Martin v. State of Iowa
752 F.3d 725 (Eighth Circuit, 2014)
City of Philadelphia v. Beretta U.S.A. Corp.
277 F.3d 415 (Third Circuit, 2002)
Denise Blomker v. Sally Jewell
831 F.3d 1051 (Eighth Circuit, 2016)
Pietoso, Inc. v. Republic Services, Inc.
4 F.4th 620 (Eighth Circuit, 2021)
Kathrynn Pals v. Tony Weekly, Jr.
12 F.4th 878 (Eighth Circuit, 2021)
Jennifer L.M. LeMay v. Michael B. Mays
18 F.4th 283 (Eighth Circuit, 2021)
Logan Bauer v. AGA Service Company
25 F.4th 587 (Eighth Circuit, 2022)

Cite This Page — Counsel Stack

Bluebook (online)
Pasco Systems Corp. v. B2, LLC, d/b/a Virtual IT, Counsel Stack Legal Research, https://law.counselstack.com/opinion/pasco-systems-corp-v-b2-llc-dba-virtual-it-ned-2026.