IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEBRASKA
PASCO SYSTEMS CORP.,
Plaintiff, 8:25CV612
vs. MEMORANDUM AND ORDER ON DEFENDANT’S MOTION FOR PARTIAL B2, LLC, d/b/a/ VIRTUAL IT, DISMISSAL
Defendant.
This matter is before the Court on Defendant B2, LLC’s, d/b/a Virtual IT’s (Virtual IT’s), Amended Partial Motion to Dismiss, Filing 24, seeking dismissal of Plaintiff Pasco Systems Corporation’s (Pasco’s) claims for negligence, breach of fiduciary duty, fraudulent misrepresentation, and breach of express and implied warranties pursuant to Federal Rule of Civil Procedure 12(b)(6). Filing 24. The motion does not seek dismissal of Pasco’s breach of contract claim. Filing 24. For the reasons stated below, the Court grants in part and denies in part Virtual IT’s Motion for Partial Dismissal. The Court grants the motion with respect to Pasco’s claims for breach of fiduciary duty, fraudulent misrepresentation, and breach of express and implied warranties. The Court denies the motion with respect to Pasco’s negligence claim. 1 I. INTRODUCTION A. Factual Background For the purposes of this motion, the Court considers the following allegations from the Complaint as true to the extent that they are nonconclusory. See Bauer v. AGA Serv. Co., 25 F.4th 587, 589 (8th Cir. 2022) (quoting Pietoso, Inc. v. Republic Servs., Inc., 4 F.4th 620, 622 (8th Cir. 2021)). The Court also considers “materials necessarily embraced by the pleadings, including exhibits attached to the complaint and matters of public record.” LeMay v. Mays, 18 F.4th 283, 289 (8th Cir. 2021) (internal quotation marks and citations omitted). The Information Technology
Support Agreement (the Agreement), the Executive Summary of the Charles River Associates investigation, and Virtual IT marketing materials were attached to the First Amended Complaint (Amended Complaint) as Exhibits A–C. Filing 20-1. The following factual background is therefore drawn from the Amended Complaint and the attached exhibits. According to the Amended Complaint, “Pasco is an engineering, systems integration, and manufacturing company.” Filing 20 at 2 (¶ 2). Virtual IT is “a Managed Security Services Provider (MSSP) in the business of providing outsourced IT services, including installation and management of IT security equipment, software, data backup, and cybersecurity monitoring.” Filing 20 at 2 (¶ 3); Filing 20-1 at 2. “In August 2019, Pasco and [Virtual IT] entered into [the Agreement].” Filing 20 at 2 (¶ 5); Filing 20-1 (the Agreement).
“Under the Agreement, [Virtual IT] agreed to provide comprehensive IT services and security management for Pasco’s business. [Virtual IT] was responsible for, inter alia, maintaining Pasco’s computer systems, implementing cybersecurity measures, and managing data backup and recovery solutions for Pasco.” Filing 20 at 2–3 (¶ 5); see Filing 20-1. The Agreement provides, 2 Virtual IT must take reasonable technical and organizational measures to keep Customer Data secure and to protect it against accidental loss or unlawful destruction, alteration, disclosure or access; and, must deal with the information only in accordance with Customer’s instructions, provided they are reasonable and lawful. Virtual IT will comply with any reasonable information security policy requested by Customer. Filing 20-1 at 9. The Agreement further provides that “Virtual IT must back up Customer Data in accordance with Backup and Disaster Recovery (BDR) services described in the Documentation.” Filing 20-1 at 9. The Agreement also states that “Virtual IT warrants that (i) the Work Product will substantially conform to the Project Plan; and not contain any material errors; and (ii) the Professional Services will be performed with reasonable skill, care and diligence. The remedies set out in this Section 5 are Customer’s exclusive remedies for breach of either warranty.” Filing 20-1 at 9. Virtual IT was allegedly entrusted “with broad access to and control over [Pasco’s] network. [Virtual IT] was given administrator-level credentials for Pasco’s systems and was solely responsible for configuring security measures, monitoring the network for threats, and ensuring data backups were properly maintained and secure.” Filing 20 at 4 (¶ 12). According to Pasco, [Virtual IT] implemented a data backup regimen for Pasco. This included on-site backup storage at Pasco’s facilities and off-site backup storage at two geographically separate locations, one of which was at [Virtual IT’s] Omaha, Nebraska facility. [Virtual IT] was responsible for configuring and managing these backups so that, in the event of any system failure or cyber incident, Pasco’s data could be quickly restored. Filing 20 at 4–5 (¶ 13). Pasco further alleges, however, that “[u]nbeknownst to Pasco, [Virtual IT’s] configuration of the backup system left Pasco dangerously vulnerable: the backup files were not set to ‘read-only’ or otherwise protected from deletion by unauthorized users.” Filing 20 at 5. 3 Pasco alleges that “[i]n 2021, on [Virtual IT’s] recommendation, Pasco procured from Defendant Sophos Managed Detection and Response (MDR) and Endpoint Detection and Response (EDR) cybersecurity services, which [Virtual IT] installed and managed on Pasco’s Behalf.” Filing 20 at 3 (¶ 8). According to Pasco, “[Virtual IT] represented that this advanced security solution would detect and alert any unusual or malicious activity on Pasco’s network in real time, thereby protecting Pasco’s critical systems” and that “Pasco relied on [Virtual IT’s] expertise in selecting and managing this security system.” Filing 20 at 3 (¶¶ 8–9).
According to the Amended Complaint, “[o]n or about January 22, 2025, Pasco’s IT network was breached by the Threat Actor.” Filing 20 at 5 (¶ 15). The Threat Actor is alleged to be a “ransomware attacker” that “use[d] the network administrator credentials of [Virtual IT] to gain unfettered access to Pasco’s network.” Filing 20 at 1 at (¶ 1), 5 (¶ 15). “Once inside with administrator privileges, the Threat Actor [allegedly] made global changes to access policies and delivered a malware payload throughout the system.” Filing 20 at 5 (¶ 15). “[T]he Threat Actor [allegedly] gained access to Pasco’s backup files both on-site and off-site and deleted those backups.” Filing 20 at 5 (¶ 15). According to the Amended Complaint, [T]he Threat Actor executed ransomware that encrypted Pasco’s primary server, which housed Pasco’s Active Directory, engineering drawings, project files, and customer records. The Threat Actor exfiltrated an unknown quantity of Pasco’s proprietary data and left a ransom note on the server demanding payment of $743,000, effectively locking Pasco out of its own critical data. Filing 20 at 5 (¶ 15). According to the Amended Complaint, “Pasco did not pay the ransomware demand.” Filing 20 at 9 (¶ 27). According to the Amended Complaint, “[d]espite [Virtual IT’s] deployment of Sophos MDR . . . the ransomware attack was not halted in time. No effective warning or intervention by 4 [Virtual IT] occurred until the damage was done.” Filing 20 at 6 (¶ 16). According to Pasco, “Sophos did register a ransomware event on one of Pasco’s work stations in the early morning of January 25, 2025 – Sophos blocked malware activity at 3:57 AM and quarantined a machine – but that machine was released from quarantine by 11:57 AM the same day without further action.” Filing 20 at 6 (¶ 16). Pasco alleges that “[b]y approximately 12:30 PM on January 25, 2025, [Virtual IT’s] CEO contacted Pasco to report ‘unusual behavior’ on the servers, as alerted by Sophos. By 4:00 PM on January 25, 2025, [Virtual IT] confirmed to Pasco that a ransomware attack had occurred on the
primary server and that both local and off-site backups were ‘unusable’.” 1 Filing 20 at 6 (¶ 16). The attack allegedly caused Pasco to lose “access to the entirety of its data, including not only drawings and customer information and history, but also to the tools its employees required to perform work.” Filing 20 at 6 (¶ 17). Because Pasco’s employees were shut out of tools such as “AutoCAD” and “SolidWorks,” “no work could be accomplished” and “no customers could be supported” for two weeks. Filing 20 at 6 (¶ 17). According to the Amended Complaint, “during a post-attack investigation, an older decommissioned server (retired in mid-2023) was discovered on Pasco’s premises that still contained data up to the point it was replaced.” Filing 20 at 6–7 (¶ 17). “This older server’s files were [allegedly] intact and became the only remaining source of Pasco’s
data prior to the last 18 months. Everything created or updated in the most recent 18-month period was effectively gone, including new engineering designs, project files, and up-to-date customer records that did not exist on the old server.” Filing 20 at 7 (¶ 17).
1 The Amended Complaint does not explain why Pasco apparently did not notice the attack before Pasco was contacted by Virtual IT’s CEO on Saturday, January 25, 2025. 5 According to the Amended Complaint, “After the breach was discovered, Pasco’s counsel engaged a third-party forensic firm, Parameter Security, to investigate the incident (at Pasco’s expense).” Filing 20 at 7 (¶ 19). Pasco maintains that the investigation revealed that Virtual IT “had failed to implement even basic cybersecurity hygiene on Pasco’s network: for example, several computers on the network had no Sophos MDR or any of [Virtual IT’s] security tools installed at all. These unprotected machines (including ones used regularly by employees) were essentially blind spots in the network defense, making the entire environment more vulnerable.” Filing 20 at 7 (¶ 21).
Pasco alleges that “[Virtual IT] never audited or informed Pasco of these protection gaps, nor did it take corrective action before disaster struck.” Filing 20 at 7 (¶ 21). The Amended Complaint states that “[Virtual IT] commissioned a study by Charles River Associates (CRA) of the ransomware attack on Pasco.” Filing 20 at 8 (¶ 23); Filing 20-1 at 15–18 (Executive Summary). The Executive Summary explains that “CRA reviewed the collected forensic artifacts from the Virtual IT systems, and determined that a threat actor (TA) was able to gain access to Virtual IT’s ScreenConnect instance via a phishing email sent to a Virtual IT user’s company email account on January 22, 2025. . . .” Filing 20-1 at 16. The Executive Summary states further that “[c]licking the link in the phishing email prompted the user to enter administrator credentials
for Virtual IT’s legitimate ScreenConnect instance and provide their [Multi-Factor Authentication (MFA)] code, allowing [the TA] temporary access to the Virtual IT ScreenConnect.” Filing 20-1 at 16. According to the Executive Summary, “[o]n January 22, 2025, at 8:54 PM the TA then utilized Virtual IT’s legitimate ScreenConnect instance to push out and install a malicious version of the ScreenConnect software controlled by the TA” and that “[o]nce installed, the TA utilized the malicious version of ScreenConnect to connect to Virtual IT client systems.” Filing 20-1 at 16. 6 According to the Amended Complaint, “[a]t significant expense, Pasco was able to recover some of its compromised files,” but “[a]s work progresses, Pasco continues to find some files to be unreliable and to require reworking.” Filing 20 at 9 (¶ 26). “Pasco [allegedly] did not pay the ransomware demand.” Filing 20 at 9 (¶ 27). Pasco maintains that “[the] proprietary engineering and customer files [that] were exfiltrated by the Threat Actor and remain in the Threat Actor’s possession” were “accumulated over 49 years in business, and the associated customer files including Pasco’s costing and pricing models, are all available to be sold to anyone interested.”
Filing 20 at 10 (¶ 33). Pasco finally alleges it has incurred significant damages caused by Virtual IT’s alleged failures to keep Pasco’s data and systems secure. See Filing 20 at 9–12. B. Procedural Background Pasco filed the original complaint on October 13, 2025. Filing 1. Virtual IT filed a motion to dismiss for failure to state a claim on January 15, 2026. Filing 19. On February 5, 2026, Pasco filed the Amended Complaint, Filing 20, alleging five claims. Count I is a negligence claim. Filing 20 at 12. Count II is a breach of contract claim. Filing 20 at 15. Count III is for breach of fiduciary duty. Filing 20 at 18. Count IV is for fraudulent misrepresentation. Filing 20 at 21. Count V is for “Breach of Warranty (Express and Implied Warranties).” Filing 20 at 24. On February 24, 2026, Virtual IT filed the renewed motion for partial dismissal now before
the Court, seeking dismissal of Counts I, III, IV, and V under Federal Rule of Civil Procedure 12(b)(6), and a brief in support of that motion. Filing 24; Filing 24-2. On March 17, 2026, Pasco filed a brief in opposition to Virtual IT’s motion. Filing 25. On March 24, 2026, Virtual IT filed a reply brief in support of its motion. Filing 26.
7 II. ANALYSIS A. Rule 12(b)(6) Standards Federal Rule of Civil Procedure 12(b)(6) provides for a pre-answer motion to dismiss for failure to state a claim upon which relief can be granted. The Eighth Circuit Court of Appeals recently explained, “To survive a motion to dismiss, a complaint must contain sufficient factual matter, accepted as true to state a claim to relief that is plausible on its face.” Ashcroft v. Iqbal, 556 U.S. 662, 678, 129 S.Ct. 1937, 173 L.Ed.2d 868 (2009) (internal quotation marks omitted). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. “In analyzing a motion to dismiss, a court must accept the allegations contained in the complaint as true and make all reasonable inferences in favor of the nonmoving party.” Martin v. Iowa, 752 F.3d 725, 727 (8th Cir. 2014). Geivett v. AMC Mgmt., LLC, 158 F.4th 900, 903 (8th Cir. 2025). Although courts must accept a complaint’s allegations as true, courts “do not accept ‘threadbare recitals of a cause of action’s elements, supported by mere conclusory statements,’” or legal conclusions unsupported by factual allegations. Dalen v. Harpstead, 123 F.4th 900, 903–04 (8th Cir. 2024) (quoting Iqbal, 556 U.S. at 663). The “elements of [a] prima facie case are [not] irrelevant to a plausibility determination” at the pleading stage. Blomker v. Jewell, 831 F.3d 1051, 1056 (8th Cir. 2016) (cleaned up). Instead, “such elements are part of the background against which a plausibility determination should be made.” Id. Specifically, the elements may be used as a “prism to shed light upon the plausibility of the claim.” Id. (citation omitted). 8 B. Pasco States a Negligence Claim 1. The Parties’ Arguments Virtual IT argues that Pasco’s negligence claim is barred by the economic loss doctrine. Filing 24-2 at 4. Virtual IT maintains that “Pasco’s negligence claim is premised on the same facts as [its] breach [of contract] claim,” the “damages asserted under each claim are nearly identical, and [the damages] fall within the definition of economic losses.” Filing 24-2 at 5. According to Pasco, the economic loss rule applies, and the negligence claim must be dismissed. Filing 24-2 at 5. In its response brief, Pasco maintains inter alia that “the economic loss doctrine does not
apply where there is damage done to ‘property other than the property that was sold pursuant to the contract.’” Filing 25 at 3–4 (quoting Lesiak v. Cent. Valley Ag Co-op., Inc., 808 N.W.2d 67, 83 (Neb. 2012)). Pasco argues that “the amended complaint identifies other, physical property damage even beyond the stolen proprietary company data itself (in the event the company network is not itself sufficient ‘other property’). This includes various Pasco hardware damaged due to Defendant’s negligence: firewalls, backup systems, switches, and cloud keys.” Filing 25 at 5. According to Pasco, the above constitutes “other property.” Filing 25 at 5 (citing Lesiak, 808 N.W.2d at 83). In reply, Virtual IT contests Pasco’s argument relating to “other property,” saying “[Pasco’s] argument should fail because the “other property” it alleges was damaged is the same property Virtual IT was contracted to protect, unlike the herbicide purchased and applied in Lesiack.” Filing
26 at 2. Virtual IT also asserts in a footnote that while “Nebraska courts do not appear to have decided this issue in the context of cybersecurity agreements . . . other courts have noted that ‘damage to components integrated into computer system is not considered damage to other property
9 for purposes of the economic loss doctrine.’” Filing 26 at 2 n.5 (citing Transp. Corp. of Am. v. Int’l Bus. Machs. Corp., 30 F.3d 953, 957 (8th Cir. 1994)). 2. Virtual IT’s Argument That Pasco’s Negligence Claim Is Barred by the Economic Loss Doctrine Is Unavailing “Under Nebraska law, to state a claim for negligence, a plaintiff must allege ‘a legal duty owed by the defendant to the plaintiff, a breach of such duty, causation, and damages.’” Spagna v. Park Ave. Phi Psi House, Inc., 478 F. Supp. 3d 813, 819 (D. Neb. 2020) (citing A.W. v. Lancaster Cnty. Sch. Dist. 0001, 784 N.W.2d 907, 913 (2010)); Pals v. Weekly, 12 F.4th 878, 881 (8th Cir. 2021) (citing Wilke v. Woodhouse Ford Inc., 774 N.W.2d 370, 379 (Neb. 2009)) (“In order to succeed on a negligence claim in Nebraska, the plaintiff must show a legal duty owed by the defendant to the plaintiff, a breach of that duty, proximate causation, and damages.”). Virtual IT does not argue that Pasco failed to plausibly allege duty, breach, causation, or damages. Filing 24-2 at 4–5 (focusing argument exclusively on the economic loss rule). The Court
concludes that Pasco has done so. Virtual IT’s argument for dismissal of Pasco’s negligence claim rests entirely on the economic loss doctrine. Filing 24-2 at 4–5. Therefore, the Court’s attention turns to whether the economic loss doctrine bars Pasco’s claim. The Nebraska Supreme Court “confront[ed]” the application and scope of the economic loss doctrine in Lesiak v. Cent. Valley Ag Co-op., Inc., 808 N.W.2d 67 (Neb. 2012). It explained by way of preface, The economic loss doctrine, generally stated, is a judicially created doctrine that sets forth the circumstances under which a tort action is prohibited if the only damages suffered are economic losses. While the doctrine may be easy to state, it is difficult to apply. Indeed, it has been described as a confusing morass, and has been compared to the ever-expanding, all-consuming alien life form portrayed in the 1958 B-movie classic The Blob that could consume much of tort law if left unchecked. 10 Lesiak, 808 N.W.2d at 80 (internal quotation marks and citations omitted). The Nebraska Supreme Court recognized that the United States Supreme Court had stated that the doctrine exists to prevent contract law from drowning in a “sea of tort.” Id. at 81–82. It then observed, But the opposite must also be true, and the same type of concern must also exist for tort law. While the doctrine has its place in the law of damages, it should not be interpreted so broadly as to undermine tort law and preclude tort remedies in situations which, historically, have presented viable tort cases. That is to say, the doctrine should not be expanded to allow traditional tort remedies to drown in a sea of contract. Lesiak, 808 N.W.2d at 82 (citations omitted). As to more substantive matters, the Nebraska Supreme Court explained, After reviewing our own case law, the case law from other jurisdictions, and the scholarly work done on the subject, we hold that the economic loss doctrine precludes tort remedies only where the damages caused were limited to economic losses and where either (1) a defective product caused the damage or (2) the duty which was allegedly breached arose solely from the contractual relationship between the parties. And economic losses are defined as commercial losses, unaccompanied by personal injury or other property damage. Lesiak, 808 N.W.2d at 81. The court also stated, [W]hen the alleged breach is of a purely contractual duty—a duty which arises only because the parties entered into a contract—only contractual remedies are available.... Thus, the doctrine serves to “weed[ ] out cases involving nothing more than an allegedly negligent failure to perform a purely contractual duty—a duty that would not otherwise exist.” Lesiak, 808 N.W.2d at 82. In short, the court explained that “the doctrine would apply to bar a tort action for the negligent performance of a contract when only economic losses were incurred.” Id. at 83. The Lesiak court makes clear, however, that the economic loss doctrine applies only to cases where damages are limited to economic losses. Id. at 81. According to the Lesiak court, “economic losses are defined as commercial losses, unaccompanied by personal injury or other property damage.” Id. The Lesiak court specifically defined “other property” as “property other than the 11 property that was sold pursuant to the contract.” Id. at 83. The economic loss doctrine does not apply to cases where damage is caused to “other property.” Id. (“But the damage allegedly caused by the breach was not purely economic loss; rather, CVA’s actions allegedly caused damage to the Lesiaks’ corn, which qualifies as “other property”—that is, property other than the property that was sold pursuant to the contract. Thus, this case is removed from the doctrine’s reach.”). Pasco’s negligence claim alleges inter alia that Pasco suffered “damage to various company hardware that was infiltrated or potentially infiltrated and compromised by the Threat Actor and
which was replaced in mitigation of damages.” Filing 20 at 15 (¶ 41). According to Pasco, “[t]wo firewalls [were] replaced for approximately $9,621,” “[b]ackup systems, including two tape drives and associated tapes, [were] replaced for approximately $16,480,” “[o]ne or more switches [were] replaced for approximately $9,042,” and “[t]wo Ubiquity cloud keys [were] replaced for approximately $600.” Filing 20 at 15 (¶ 41). Pasco maintains that this damage constituted damage to “other property.” Filing 25 at 5. According to Pasco, the claim is therefore not barred by the economic loss doctrine. Filing 25 at 5. Whether the economic loss doctrine applies depends on whether the “damages caused were limited to economic losses.” Lesiak, 808 N.W.2d at 81. In Lesiak, the Supreme Court of Nebraska
was “presented with a situation where [an herbicide], Guardsman Max, was not alleged to be defective . . . [but] negligently applied, resulting in damage to [the plaintiffs’] corn crop.” Id. at 81. The defendant “applied [Guardsman Max] to 16 of [the plaintiffs’] 20 fields.” Id. at 72. The plaintiffs alleged that the defendant’s “improper application of Guardsman Max caused damage to their corn crop, decreasing their total yield.” Id. The Supreme Court of Nebraska held that the action was not barred by the economic loss doctrine because the corn qualified as “‘other property’––that is, 12 property other than the property that was sold pursuant to the contract.” Id. at 83. The court further explained that such “other property” remains outside of the economic loss doctrine’s reach even when damage to such property was foreseeable at the time of contracting. Id. at 84 (rejecting the so- called “disappointed expectations” test). The Agreement was an IT service agreement that contemplated, among other things, the protection of Pasco’s business data. Filing 20 at 1 (¶ 1) (“Pasco entrusted [Virtual IT] a managed security services provider, with the outsourced management of its entire IT infrastructure and data
backups, including the provision of cybersecurity monitoring, ransomware prevention, and disaster recovery services.”); Filing 20-1 at 2 (“The overall objective of this partnership is for Virtual IT to serve as the complete, outsourced IT division for PASCO, responsible for ensuring that IT supports the organization’s business goals.”); Filing 20-1 at 9 (“Virtual IT must take reasonable technical and organizational measures to keep Customer Data secure and to protect it against accidental loss or unlawful destruction, alteration, disclosure or access. . . .”). While the IT service agreement carefully details Virtual IT’s responsibilities relating to the safeguarding of data, the Agreement does not articulate any duty to safeguard Pasco’s hardware. See Filing 20-1. The only serious mention of hardware in the Agreement states that “[c]onfiguration and installation of computers or other
hardware” is an “Out of Scope Item[].” Filing 20-1 at 6. Just as the allegedly negligent application of herbicide caused damage to the corn in Lesiak, the allegedly negligent protection of Pasco’s business data and provision of IT services appears to have caused damage to distinct property, the company’s hardware. Lesiak, 808 N.W.2d at 72, 83; Filing 20 at 15 (¶ 41). Drawing all inferences in Pasco’s favor, it is not clear that Pasco’s physical property was the same property that Virtual IT was contracted to protect. Bauer, 25 F.4th at 589 (saying a court must “draw[ ] all reasonable 13 inferences in favor of the nonmovant’” at the Rule 12(b)(6) stage); Christopherson v. Bushner, 33 F.4th 495, 499 (8th Cir. 2022) (saying that a claim is “plausible” when the court can draw a “reasonable inference” that the defendant is liable for the alleged misconduct). The fact that damage to hardware could have been foreseen at the time of contracting is inapposite under Nebraska law. Lesiak, 808 N.W.2d at 83–84. Pasco’s claim is therefore not barred by the economic loss doctrine. Virtual IT suggests in a footnote that the Court should extend Nebraska law to reflect Minnesota law and accordingly find that there is no “other property” at issue. See Filing 26 at 2 n.5
(citing Transp. Corp. of Am., 30 F.3d at 957 (applying Minnesota law)). The Eighth Circuit has made clear, however, that “[i]t is not the role of a federal court to expand state law in ways not foreshadowed by state precedent.” Ashley Cnty., Ark. v. Pfizer, Inc., 552 F.3d 659, 673 (8th Cir. 2009) (internal quotation marks omitted) (quoting City of Philadelphia v. Beretta U.S.A. Corp., 277 F.3d 415, 421 (3rd Cir. 2002)). Nebraska has not signaled any willingness to extend its law on the economic loss doctrine. See, e.g., Lesiak, 808 N.W.2d 67. The economic loss doctrine does not bar the claim. C. Pasco Does Not State a Claim for Breach of Fiduciary Duty 1. The Parties’ Arguments Virtual IT argues that Pasco’s third claim must be dismissed because “[n]o fiduciary relationship arose here, and even if it did none of Pasco’s cited factual bases constitute a breach of
such [relationship].” Filing 24-2 at 6. Specifically, Virtual IT asserts that the situation here was an “ordinary business transaction” and that a fiduciary relationship is only created where ‘confidence is reposed on one side, and domination and influence result on the other side.’” Filing 24-2 at 6
14 (quoting Weisenberger v. Ameritas Mut. Holding Co., 597 F. Supp. 3d 1351, 1367 (D. Neb. 2022)). According to Virtual IT, these conditions are not present. Filing 24-2 at 6. Pasco maintains that “[a]ccepting [its] factual allegations as true and viewing them in the light most favorable to Pasco, Pasco has plausibly alleged the existence of a fiduciary relationship,” as “[t]he Agreement contemplates that [Virtual IT] will have access to confidential Pasco data and trade secrets and requires [Virtual IT] to keep such data secure and confidential.” Filing 25 at 7–8. Pasco also contends that it has pleaded “detailed facts showing how [Virtual IT] breached its
fiduciary duties of loyalty and against self-dealing.” Filing 25 at 8–9. In reply, Virtual IT maintains that “[Pasco] exaggerates the nature of the parties’ relationship.” Filing 26 at 4. Virtual IT also argues that “[Pasco] points to no authority supporting that a contract for IT services creates a fiduciary relationship. [Pasco] has not described why this particular relationship transcends an ordinary business transaction; that Virtual [IT] was contracted to provide IT services and had access to confidential information––as is common for IT vendors–– does not give rise to a fiduciary duty.” Filing 26 at 4. 2. No Fiduciary Duty Existed Between the Parties Under Nebraska law, “the existence of a fiduciary duty and the scope of that duty are questions of law for a court to decide.” Gonzalez v. Union Pac. R.R. Co., 803 N.W.2d 424, 446
(Neb. 2011). “In Nebraska, a fiduciary duty arises out of a confidential relationship which exists when one party gains the confidence of the other and purports to act with the other’s interest in mind.” Weisenberger v. Ameritas Mut. Holding Co., 597 F. Supp. 3d 1351, 1367 (D. Neb. 2022) (citing City of S. Sioux City, Neb. v. Charter Oak Fire Ins. Co., 385 F. Supp. 3d 854, 861 (D. Neb. 2019); Gonzalez, 803 N.W.2d at 446). “A fiduciary relationship arises when confidence is reposed 15 on one side, and domination and influence result on the other side.” Id. (citing DeSciose v. Chiles, Heider & Co., Inc., 476 N.W.2d 200, 206 (1991)). “[D]efining fiduciary relationships can be difficult, but one characteristic courts have traditionally looked for was a special confidential relationship that transcends an ordinary business transaction and requires each party to act with the interests of the other in mind.” Weisenberger, 597 F. Supp. 3d at 1368 (citing Attias v. Carefirst, Inc., 365 F. Supp. 3d 1, 5 (D.D.C. 2019)). In Weisenberger, the plaintiff purchased an insurance policy from the defendant and provided the
defendant with certain personally identifiable information (PII). Id. at 1357. “[T]he defendant’s information systems were breached by cybercriminals, and the plaintiff’s [and others’ PII] was accessed. . . .” Id. The plaintiff’s breach of fiduciary duty claim was dismissed because “the plaintiff alleged nothing that would distinguish her engagement with the defendant as something outside of a normal insurer/insured relationship.” Id. at 1368. A breach of fiduciary duty claim was also dismissed in a case where plaintiffs “were members of health plans which contracted with [the defendant] for pharmacy-benefit-management services.” Prestby v. A&A Servs., LLC, 8:24VC204, 2026 WL 26128, at *1–2 (D. Neb. Jan. 5, 2026). The defendant “solicited, collected, and stored the plaintiffs’ highly-sensitive [PII] and protected
health information.” Id. at 2. The plaintiff alleged that she “relied entirely on [the defendant], which solely controlled it[s] data systems and networks, to protect her Private Information, and she had no ability to assess, verify, or influence its data-security practices.” Id. at 27. However, the plaintiff’s PII was accessed by an unauthorized third party in a data breach. Id. at 2. Despite having “no direct relationship with [the defendant],” as the defendant contracted with the “health-insurance plan” rather than the plaintiff, the breach of fiduciary duty claim was dismissed because, among other 16 reasons, only a normal commercial relationship was alleged. See id. at 28–29 (citing Weisenberger, 597 F. Supp. 3d at 1368). Nebraska courts have identified certain relationships where a confidential or fiduciary relationship might exist. Schaneman v. Schaneman, 291 N.W.2d 412 (Neb. 1980); Chase v. Deneau, No. A-91-1015, 1993 WL 70947 (Neb. Ct. App. Mar. 16, 1993). In Schaneman, the conservators of the decedent-father’s estate sued the defendant-son to cancel a deed executed by the decedent-father in favor of the defendant-son. 291 N.W.2d at 414. The Nebraska Supreme Court found that a
confidential relationship was established where––on one side––the decedent-father “sometimes suffered from disorientation and lapse of memory” and “was, for all intents and purposes, an invalid at the time of the conveyance” and––on the other side––the defendant-son exercised influence over the decedent-father and precluded the decedent-father from seeking independent advice from anyone but the defendant-son. Id. at 420–21 (saying “there existed between the defendant and [the decedent] a confidential relationship” and that “a confidential or fiduciary relationship” exists where “confidence is rightfully reposed on one side and a resulting superiority and opportunity for influence is thereby created on the other”). In Chase, the Nebraska Court of Appeals remanded a case for further proceedings because
“there [were] genuine issues of material fact regarding whether or not [the appellant] placed her trust and confidence in [the bank and its employee], whether [the appellant] was dependent upon [the bank employee’s] advice or otherwise lacked knowledge about her affairs, and whether [the bank employee] controlled or influenced [the appellant’s] financial dealings.” Chase, 1993 WL 70947, at *3 (cleaned up). While the court stated that, “[g]enerally, the relationship between a bank and a customer is simply a debtor-creditor relationship which imposes no fiduciary duty upon the 17 bank, “[the appellant] had completed only an eighth grade education and had never held a job outside of her home other than occasional work sewing or altering clothing.” Id. at *1, 3 (cleaned up) (saying the appellant was “79-year-old widow with an eighth grade education”). The facts alleged here show a relationship more like the ordinary commercial relationships in Weisenberger and Prestby than the relationships with vulnerable individuals in Schaneman and Chase. No fiduciary duties were identified in Weisenberger and Prestby because the transfer of highly confidential and sensitive health information was made in an ordinary business transaction.
See Weisenberger, 597 F. Supp. 3d at 1368–69; Prestby, 2026 WL 26128, at *28. Pasco and Virtual IT engaged in an ordinary contract for IT services here. See Filing 20-1. Both parties were sophisticated enterprises, unlike the decedent in Schaneman and the appellant in Chase. Filing 20- 1 at 2; Schaneman, 291 N.W.2d at 126; Chase, 1993 WL 70947, at *1, 3. Despite giving Virtual IT access to certain confidential information, like the plaintiffs did in Weisenberger and Prestby, the Agreement was an arms-length transaction where Pasco was expected to exercise the independent judgment characteristic of a sophisticated enterprise. Weisenberger, 597 F. Supp. 3d at 1357; Prestby, 2026 WL 26128, at *2; see Filing 20-1 at 7, 9–10. Domination and influence of the type required to plausibly allege a fiduciary duty are not alleged to have existed at any point in the
Agreement’s lifecycle. Weisenberger, 597 F. Supp. 3d at 1367. Pasco fails to allege a fiduciary duty, and the breach of fiduciary duty claim therefore fails as a matter of law. Gonzalez, 803 N.W.2d at 446 (saying that in Nebraska “the existence of a fiduciary duty and the scope of that duty are questions of law for a court to decide.”).
18 D. Pasco Does Not State a Claim for Fraudulent Misrepresentation 1. The Parties’ Arguments Virtual IT argues that the claim for fraudulent misrepresentation must be dismissed because Pasco has not plausibly alleged that any false statements were made in bad faith. Filing 24-2 at 9. Specifically, Virtual IT maintains that “[i]n fraudulent misrepresentation, one becomes liable for breaching the general duty of good faith or honesty.” Filing 24-2 at 9 (citing Outlook Windows P’ship v. York Int’l Corp., 112 F. Supp. 2d 877, 896 (D. Neb. 2000)). According to Virtual IT, however, “Pasco’s allegations that these purported representations were made recklessly without any knowledge of their truth or falsity––i.e., that they were made in bad faith––are purely conclusory.” Filing 24-2 at 9. Virtual IT argues that “at most, the facts alleged in the Complaint suggest that Virtual IT sincerely, but wrongly, believed its systems and practices were sufficient to perform its advertised services.” Filing 24-2 at 9. With respect to the above argument, Pasco maintains that “contrary to Defendant’s argument
otherwise, Rule 9(b) expressly allows that ‘[m]alice, intent, knowledge, and other conditions of a person’s mind may be alleged generally.’” Filing 25 at 10. In reply, Virtual IT maintains that Pasco “does not respond to Virtual IT’s argument that [Pasco’s] fraud allegations are purely conclusory.” Filing 26 at 4. 2. Pasco Fails to State a Fraudulent Misrepresentation Claim A fraudulent misrepresentation claim in Nebraska requires a plaintiff to allege: (1) that a representation was made; (2) that the representation was false; (3) that when made, the representation was known to be false or made recklessly without knowledge of its truth and as a positive assertion; (4) that it was made with the intention that the plaintiff should rely upon it; (5) that the plaintiff reasonably did so rely; and (6) that the plaintiff suffered damage as a result. 19 Outlook Windows P’ship, 112 F. Supp. 2d at 894 (citing Cao v. Nguyen, 607 N.W.2d 528, 532 (Neb. 2000)). The Nebraska Supreme Court has also stated that “[i]n fraudulent misrepresentation, one becomes liable for breaching the general duty of good faith or honesty.” Gibb v. Citicorp., Inc., 518 N.W.2d 910, 921 (Neb. 1994). “Under [Federal Rule of Civil Procedure 9(b)], ‘a party must state with particularity the circumstances constituting fraud or mistake.’” United States ex rel. Strubbe v. Crawford Cnty. Mem’l Hosp., 915 F.3d 1158, 1163 (8th Cir. 2019) (quoting Fed. R. Civ. P. 9(b)). “[A] plaintiff
cannot meet this [Rule 9(b)] burden with conclusory and generalized allegations.” Id. (citing United States ex rel. Joshi v. St. Luke’s Hosp., Inc., 441 F.3d 552, 557 (8th Cir. 2006)). “To satisfy the particularity requirement of Rule 9(b), the complaint must plead such facts as the time, place, and content of the defendant’s false representations, as well as the details of the defendant’s fraudulent acts, including when the acts occurred, who engaged in them, and what was obtained as a result.” Joshi, 441 F.3d at 556. Pasco’s fraudulent misrepresentation claim alleges that Virtual IT made two kinds of representations: those representations preceding the execution of the Agreement or within the Agreement and those representations made after the Agreement was executed. See Filing 20 at 21
(¶ 63), 22 (¶ 64), 23 (¶ 67). The first set of representations (e.g., those allegedly made in marketing materials and the Agreement) were allegedly made with the intent inter alia to “induce Pasco to enter into . . . the Agreement.” Filing 20 at 21 (¶ 63), 23 (¶ 67). The second set of representations (i.e., those made after the Agreement was executed) were apparently made inter alia to induce Pasco to “continue the Agreement” so that Virtual IT could continue benefiting financially. Filing 20 at 21, (¶ 63), 23 (¶ 67). 20 With respect to the first set of representations, Pasco fails to plead facts plausibly suggesting that Virtual IT knew those representations made in marketing materials and the Agreement were false when they were made. Pasco similarly fails to allege that Virtual IT made the representations recklessly without knowledge of their truth. The Amended Complaint alleges, At the time [Virtual IT] made the misrepresentations, [Virtual IT] knew the representations were false or made them recklessly without knowing whether they were true and did so as positive assertions. [Virtual IT] was aware (or certainly should have been aware) that its actual practices did not align with its representations: for example, it knew that backups were not safeguarded, that some computers lacked security agents, and that its monitoring would not catch everything promptly. Filing 20 at 22 (¶ 66). The representations made in marketing materials and the Agreement were made before any factual bases for knowledge or recklessness occurred. That is, Virtual IT could not have known “that backups were not safeguarded [and] that some computers lacked security agents” before the Agreement or at the time of its execution, as Virtual IT’s work had not yet commenced. Filing 20 at 22 (¶ 66). Pasco also provides no nonconclusory basis that Virtual IT knew or recklessly failed to consider “that its monitoring would not catch everything promptly” before the Agreement or at the time of its execution. Filing 20 at 22 (¶ 66). In short, Pasco alleges no facts plausibly suggesting that any of the representations were knowingly false or recklessly made rather than simply shown to be false by subsequent events. See Filing 20. The first set of representations cannot state a fraudulent misrepresentation claim because “a plaintiff cannot meet [the] [Rule 9(b)] burden with conclusory and generalized allegations.” Strubbe, 915 F.3d at 1163 (citing Joshi, 441 F.3d at 557). Those representations preceding the execution of the Agreement or within the Agreement fail to support a claim for fraudulent misrepresentation because they are premised on conclusory allegations relating to knowledge and reckless disregard of information only acquired later. Id. 21 The second set of alleged representations (i.e., those representations made after the execution of the Agreement) do not support a fraudulent misrepresentation claim either. These alleged representations, made after work purportedly commenced, could have been made with the knowledge that “backups were not safeguarded, that some computers lacked security agents, and that [Virtual IT’s] monitoring would not catch everything promptly.” Filing 20 at 22 (¶ 66). Had Virtual IT made representations touting its ability to keep Pasco’s data secure to induce Pasco to “continue the agreement” so that Virtual IT could continue benefiting financially, a fraudulent
misrepresentation claim might be plausible. Filing 20 at 23 (¶ 67). However, unlike the first set of representations––where Pasco provides in great detail the representations made by Virtual IT in the Agreement and in marketing information––Pasco provides no specific representations made by Virtual IT after the Agreement’s execution. Filing 20 at 21 (¶ 63), 22 (¶ 64). Pasco only generally references “communications” meant to induce Pasco to “continue the agreement” and “forgo seeking other independent security measures or providers.” Filing 20 at 21 (¶ 63), 22 (¶ 66). The general reference to “communications” falls well short of Rule 9(b)’s heightened pleading standards. Joshi, 441 F.3d at 556 (“To satisfy the particularity requirement of Rule 9(b), the complaint must plead such facts as the time, place, and content of the defendant’s false representations, as well as
the details of the defendant’s fraudulent acts, including when the acts occurred, who engaged in them, and what was obtained as a result.”). Without specific representations, the second set relies on conclusory allegations that cannot survive a motion to dismiss. Strubbe, 915 F.3d at 1163 (citing Joshi, 441 F.3d at 557) (“[A] plaintiff cannot meet this [Rule 9(b)] burden with conclusory and generalized allegations.”). Pasco’s claim for fraudulent misrepresentation must be dismissed.
22 E. Pasco Does Not State a Claim for Breach of Express or Implied Warranties 1. The Parties’ Arguments Virtual IT first argues that Pasco’s claim for breach of express warranty must be dismissed because re-performance is the sole remedy provided in the Agreement’s warranty clause. Filing 24- 2 at 10. Virtual IT then argues that Pasco’s claim for breach of implied warranty must be dismissed because “Nebraska courts have only ever ‘found an implied services warranty in a contract for services … in the context of building and construction contracts.” Filing 24-2 at 10 (citing Lesiak, 808 N.W.2d at 79). In response, Pasco argues that its claim for breach of express warranty should survive dismissal. Filing 25 at 11. Pasco maintains that “[w]here the seller is given a reasonable chance to correct defects and the equipment still fails to function properly, the limited remedy of repair or replacement of defective parts fails of its essential purpose.” Filing 25 at 12 (internal quotation marks omitted) (quoting John Deere Co. v. Hand, 319 N.W.2d 434, 437 (Neb. 1982)). According
to Pasco, “This principle should apply regardless of whether the UCC applies.” Filing 25 at 12. Pasco also argues that its claim for breach of implied warranty should survive because the “predominant purpose” test is no longer the standard for the UCC’s application in Nebraska. Filing 25 at 12–13. Instead, Pasco asserts that “beginning in 2024, in a ‘hybrid transaction,’ the UCC provisions ‘which relate primarily to the sale-of-goods aspects of the transaction apply’ even if those aspects ‘do not predominate.’” Filing 25 at 13 (citing Neb. Rev. Stat. UCC § 2-102(2)). Pasco maintains that “the backup and monitoring hardware and software sold by [Virtual IT], including the deployment of the Sophos MDR” “are goods and the UCC warranty provisions related to those goods, including Sections 2-314 and 2-315, should apply.” Filing 25 at 13. 23 Virtual IT’s reply brief maintains inter alia that the breach of implied warranty claim should be dismissed because the UCC does not apply to this action. Filing 26 at 5. Virtual IT also argues that the breach of implied warranty claim must be dismissed because the change to the UCC in Nebraska cited by Pasco “does not retroactively apply, and the parties entered into the subject contract in 2019.” Filing 26 at 6. Accordingly, Virtual IT asserts that the “subject contract is unequivocally a contract for IT services and is not governed by the UCC.” Filing 26 at 6. Virtual IT therefore maintains that the claim must be dismissed because “Nebraska courts have only found
implied services warrant[ies] in the context of building and construction contracts.” Filing 26 at 6. 2. Breach of Express Warranty The first question that the Court must address is whether the Nebraska Uniform Commercial Code (UCC) applies. Prior to July 19, 2024, “transactions predominantly involving goods [were] governed by the Nebraska [UCC] . . . while transactions predominantly involving services [were] outside the UCC and governed by common law.” Cocke v. Whisler Aviation, Inc., 8:19-CV-335, 2019 WL 7282106, at *5 (D. Neb. Dec. 27, 2019) (citing Herman v. Bonanza Buildings, Inc., 390 N.W.2d 536, 542–43 (1986) (explaining the predominant purpose test)). Section 2-102 of the Nebraska UCC now provides that, in a hybrid transaction, “[i]f the sale-of-goods aspects do not predominate, only the provisions of this article which relate primarily to the sale-of-goods aspects
of the transaction apply, and the provisions that relate primarily to the transaction as a whole do not apply.” Neb. Laws LB 94, § 6, eff. July 19, 2024 (codified at Neb. Rev. Stat. UCC § 2-102(2)(a)). This change is not applicable in all circumstances, however. Section 12-A-201 states that “[e]xcept as provided in [sections not relevant here], a transaction validly entered into before July 19, 2024, and the rights, duties, and interests flowing from the transaction remain valid thereafter and may be 24 terminated, completed, consummated, or enforced as required or permitted by law other than the [UCC], or if applicable, the [UCC], as though Laws 2024, LB 94, had not taken effect.” Neb. Rev. Stat. UCC § 12A-201 (Saving clause). The Agreement was “entered into before July 19, 2024.” Neb. Rev. Stat. UCC § 12A-201; Filing 20 at 2 (¶ 5) (saying the Agreement was entered into in August 2019). Therefore, the Agreement will be “enforced as required or permitted by law other than the [UCC], or if applicable, the [UCC], as though Laws 2024, LB 94, had not taken effect.” Neb. Rev. Stat. UCC § 12A-201.
The transaction at issue here is governed by the common law, not the UCC. As noted above, prior to the July 19, 2024, change to Section 2-102, “transactions predominantly involving goods [were] governed by the Nebraska [UCC] . . . while transactions predominantly involving services [were] outside the UCC and governed by common law.” Cocke v. Whisler Aviation, Inc., 2019 WL 7282106, at *5 (citing Herman, 390 N.W.2d 536, 542–43). “Whether a transaction [was] for goods or services depend[ed] on the transaction’s ‘predominant purpose.’” Id. (citing Herman, 390 N.W.2d at 542–43). The predominant purpose of the Agreement was the rendition of IT services. The purpose of the Agreement was the outsourcing of all of Pasco’s IT services to Virtual IT, a managed security services provider. Herman, 390 N.W.2d at 542 (“The predominant purpose of the
transaction was not to sell Mr. Herman the components for a building but, rather, to create a building for him. Thus, the predominant purpose of the transaction was the erection of the building; that is, the rendition of a service, not the transfer of goods.”); Filing 20 at 1 (¶ 1), 2 (¶ 3) (“Pasco entrusted [Virtual IT], a managed security services provider, with the outsourced management of its entire IT infrastructure and data backups, including the provision of cybersecurity monitoring, ransomware prevention, and disaster recovery services.”); Filing 20-1 at 2 (“The overall objective of this 25 partnership is for Virtual IT to serve as the complete, outsourced IT division for PASCO, responsible for ensuring that IT supports the organization’s business goals.”). Any hardware or software sold separately by Virtual IT was at most incidental to the provision of IT services under the Agreement. Herman, 390 N.W.2d at 542 (“If that predominant purpose is the rendition of a service with the goods incidentally involved, the transaction is not the sale of goods.”). The predominant purpose of the Agreement was the rendition of IT services. Prior to July 19, 2024, “transactions predominantly involving services [were] outside the UCC and governed by the common law.” Cocke, 2019 WL
7282106, at *7 (citing Herman, 390 N.W.2d at 542–43). Therefore, the UCC has no applicability to Pasco’s claim. Nebraska common law does not provide alternative remedies. Pasco maintains that “[w]here the seller is given a reasonable chance to correct defects and the equipment still fails to function properly, the limited remedy of repair or replacement of defective parts fails of its essential purpose.” Filing 25 at 12. Pasco urges this Court to apply this “principle.” Filing 25 at 12. The Nebraska Supreme Court dealt with that so-called principle in a UCC case, saying “[i]n such an event, the buyer may then invoke any remedies available under the [UCC], including breach of warranties of merchantability or fitness for a particular purpose. The same would be true regarding
provable consequential damages, even though specifically excluded by the written warranty.” John Deere Co., 319 N.W.2d at 437 (citing cases). However, the UCC does not apply here. Pasco cites no caselaw supporting the application of the so-called principle to service agreements governed by the common law. Filing 25 at 11–13. Pasco similarly cites no caselaw setting out what remedies would be available if the principle applied to service agreements under Nebraska law. Filing 25 at
26 11–13. Finally, the Court finds no legal authority to infer a remedy not provided for in the service agreement. Pasco fails to state a claim upon which relief can be granted because it is not entitled to the relief it seeks. The Agreement provides, If the Professional Services do not conform to the Project Plan, contain material errors, or are not performed with reasonable skill, care, and diligence, Virtual IT shall re-perform the Professional Services to the extent necessary to correct the defective performance. Filing 20-1 at 10 (Section 5). The Agreement also states that “[t]he remedies set out in this Section 5 are [Pasco’s] exclusive remedies. . . .” Filing 20-1 at 9. Nonetheless, Pasco’s breach of express warranty claim requests “significant monetary damages.” Filing 20 at 27 (¶ 83) (“Pasco’s remaining remedy is an award of significant monetary damages.”); Filing 20 at 28 (¶ 84) (“Pasco’s total damages are as stated in prior counts and incorporated herein. Pasco is entitled to recover these damages for breach of warranty.”). Pasco has stated no basis in law, and the Court identifies none, for inferring remedies for breach of warranty beyond those in the text of the parties’ service agreement. Filing 25. Because Pasco’s claim for breach of express warranty seeks remedies Pasco is not entitled to, Pasco has failed to state a claim upon which relief can be granted. Fed. R. Civ. P. 12(b)(6). 3. Breach of Implied Warranties Pasco fails to state a claim for breach of implied warranties because Nebraska law does not provide implied warranties for the type of service agreement at issue here. Pasco’s argument that Virtual IT breached the implied warranties of merchantability and fitness for a particular purpose assumes that the UCC applies. Filing 25 at 12 (citing Lesiak, 808 N.W.2d at 79); Filing 20 at 25 (¶ 78); 26 (¶ 80), 27 (¶ 82). These implied warranties are in fact located in the UCC and are 27 inapplicable here because the UCC does not apply. Neb. Rev. Stat. UCC. §§ 2-314 (Implied Warranty of Merchantability), 2-315 (Implied Warranty of Fitness for Particular Purpose); Cocke, 2019 WL 7282106, at *7 (citing Herman, 390 N.W.2d at 542-43); Filing 25 at 13. The Supreme Court of Nebraska has extended an implied services warranty in a contract for services governed by the common law “in the context of building and construction contracts.” Lesiak, 808 N.W.2d at 79. However, the Supreme Court of Nebraska has also made clear that an implied services warranty does not exist beyond that context. Lesiak, 808 N.W.2d at 80 (“Thus, we conclude that it is both unnecessary and unwise to expand our application of the implied services warranty outside of the building and construction context.”). The Court therefore dismisses Pasco’s claim for breach of implied warranties. Il. CONCLUSION IT IS ORDERED that Virtual IT’s Motion for Partial Dismissal, Filing 24, is granted in part and denied in part, as follows: 1. The Motion is denied as to Pasco’s claim for negligence; 2. The Motion is granted as to Pasco’s claims for breach of fiduciary duty, fraudulent misrepresentation, and breach of express and implied warranties. This case will proceed only on Plaintiff's claims for negligence in Count I and breach of contract in Count II. Dated this 4th day of June, 2026. BY THE COURT: Zak — BoE United States District Judge 28