You are on page 1of 19
RECEIVED FEB 4 1 2020 IN THE COURT OF CLAIMS OF THE S1 Rick Heidner and Gold Rush ) Amusements, Inc, ) ) Claimants, 3 Case No. J v. 3 $2,000,000 } Amount Claimed per Claimant Illinois Gaming Board, ) ) Respondent. y MPL, Claimants, through their attorneys, King & Spalding LLP and Taft Stettinius & Hollister LLP, state the following: NATURE OF THE CLAIM 1 This is a tort action alleging breach of fiduciary duties and negligence against the Illinois Gaming Board (“IGB” or “the Board”), which caused Rick Heidner and Gold Rush Amusements, Ine. (“Gold Rush”) harm for which compensatory damages are sought. Specifically, the IGB caused substantial hatm when an IGB employee intentionally disclosed, without authorization, sensitive financial information, including personally identifiable information (“PII”), relating to Mr. Heidner, his family members, and other individuals associated with Mr. Heidner or Gold Rush. Mr. Heidner had provided PH and other sensitive information to the IGB in strict confidence—and with the expectation that such information would be treated as strictly confidential—as part of the mandatory state licensing procedures under the Video Gaming Act and the Illinois Gambling Act (230 ILCS 10/1, ef seq. (“Gambling Act”)). The IGB compounded the harm by 1) failing to notify Mr. Heidner and his family members of the unauthorized disclosures in a prompt and timely manner; and 2) fueling the negative media portrayal by taking additional unfounded and improper official actions to harm Mr, Heidner and Gold Rush. 2 The Gambling Act provides that all information provided to the IGB in connection with licensing applications and renewals is “privileged, strictly confidential and shall be used only for the purpose of evaluating an applicant for a license or a renewal.” 230 ILCS 10/6(d). By leaking confidential information of Mr. Heidner, who entrusted the IGB with his most sensitive personal end financial information, the IGB has breached the trust and confidence that forms the ‘very foundation of the relationship between the IGB and Gold Rush, one of its licensees. 3. Inorder to obtain necessary approvals, gaming licensees and associated individuals are required to provide detailed disclosures of highly confidential personal and financial information to the IGB. For example, Mr. Heidner has given the IGB information relating to his personal background, social security number, assets and liabilities, personal bank account information, personal and business investment information, real estate holdings, life insurance policies, vehicle ownership information, and mortgages and liens, among other details, Mr. Heidner’s disclosures also included personal information regarding his family members and individuals with whom he did business 4, Despite requiring licensees and associated individuals to hand over a veritable treasure trove of theit most sensitive data, the evidence will show that the IGB’s approach to protecting Mr, Heidner’s data has been careless and cavalier, at best. As a result of the IGB’s failure to protect this data, information pertaining to Mr. Heidner and his family, as well as numerous others, was disclosed without authorization, and the unauthorized disclosure went undetected for months, And troublingly, the information was leaked in conjunetion with a negative media cycle that speculated about Gold Rush’s and Mr, Heidner’s disclosures to the IGB, and at a time when the IGB was taking unfair and unfounded official action against Mr. Heidner and Gold Rush. 5, On January 3, 2020, when the IGB finally discovered the unauthorized disclosures made by its employee, it did not immediately alert Gold Rush or Mr, Heidner, On January 10, 2020, the IGB notified legislative leaders about the unauthorized disclosures but still did not notify Mr. Heidner and the other vietims, even though the IGB represented that it would start notifying victims on January 17, 2020. In fact, on Fanuary 24, 2020, the media reported the leak before Mr. Heidner or Gold Rush were informed that they were victims. When the January 24 report caused Mr. Heidner to expressly ask the IGB whether he was a victim, the IGB chose to remain silent, Adding insult to injury, the IGB has recently denied Mr. Heidner’s request for basic information relating to the specific material that was leaked and to whom the leaked material was given, in order that Mr. Heidner and Gold Rush could take the necessary remedial measures to begin to repair the damage that has been done. JURISDICTION 6. Jurisdiction is asserted under § 8 (a) and (d) of the Court of Claims Act, 705 ILCS § 505/8(a), (d) (2018). PARTIES 7. Rick Heidner is an individual residing in Cook County, Illinois. Mr. Heidner is Gold Rush’s corporate secretary, and Gold Rush has identified him to the IGB as a person with significant influence or control (“PSIC”) of the video gaming business under applicable 1GB regulations. 8 Gold Rush is an Illinois corporation with its principal place of business in Hoffman Estates, Cook County, Illinois, Gold Rush isa licensed terminal operator in the business of placing and operating video gaming terminals in establishments for use by the public. 9. The IGB was established by the Illinois Gambling Act, 230 ILCS 10/S(a), with its principal place of business in Cook County, Illinois. ‘The IGB is the Illinois regulatory agency charged with administering, regulating, and enforcing the system of video gaming in Illinois. The IGB’s authority, established in the Video Gaming Act, 230 ILCS 40/78(a), extends over all video ‘gaming operations in Illinois. FACT ALLEGATIONS Gold Rush Licensing 10. In October 2010, Mr. Heidner submitted to the IGB a completed Video Gaming Personal Disclosure Form as part of Gold Rush’s Terminal Operator License application. In doing ‘80, Mr. Heidner submitted the required personal and financial records, including his most personal and significant PUI, such as his fingerprints, a copy of his birth certificate and driver's license, federal and state tax returns for the previous three years, addresses and phone numbers, social security number, date of birth, and his family members’ PIT, among other items. In submitting this information, Mr, Heidner understood and believed that this personal information would be utilized for the limited purpose of the IGB’s evaluation of Gold Rush as a potential licensee, 11, On February 16, 2012, after Mr, Heidner submitted substantial personal information to the IGB and after the IGB conducted a rigorous investigation of Mr. Heidner and Gold Rush, the IGB issued an Tilinois Gaming Board Terminal Operator License to Gold Rush, which was valid for one year. 12, As part of the annual Terminal Operator License renewal process, Mr. Heidner timely submitted required disclosures to the IGB on behalf of himself and Gold Rush each year, ‘The renewal process required submissions of detailed financial information, including a Net Worth Summary and Schedules (“Net Worth Statements”). The Net Worth Statements provided significant amount of financial detail relating to Gold Rush and Mr. Heidner, including Mr. Heidner’s total asscts and liabilities, personal bank account information, personal and business investment information, real estate holdings, life insurance policies, vehicle ownership information, and mortgages and lions, among other details. 13. Mr. Heidner has continued to comply with IGB procedures and has timely filed the required financial materials relating to Gold Rush on an annual basis through the present day. At all times, Mr. Heidner understood and believed that the personal information he submitted would be treated as privileged and strictly confidential, and utilized for the limited purpose of the IGB’s ongoing evaluation of Gold Rush as a licensee. 14, Gold Rush has at all times submitted good faith and timely disclosures, and has strived to maintain open lines of communication with the IGB. Moreover, Gold Rush has a proven track record of compliance with the Gambling Act, the Video Gaming Act, and the IGB's Adopted Rules. IGB Unfairly Influences Negative Press Cycle Against Mr. Heidner 15. On October 11, 2019, the first of a series of articles appeared in the Chicago Tribune relating to Mr. Heiduer, Notably, the article criticized certain real estate partnerships involving Mr. Heidner that the Tribune implied were not properly disclosed to the 1GB, Such insinuations were false, in that Mr. Heidner had made complete and accurate disclosures in both Gold Rush’s initial Terminal Operator License application and in all renewal and related submissions to the IGB. 16. Rather than confirming that Mr. Heidner had made complete and accurate disclosures, the IGB fueled the negative media coverage by taking an adversarial position to Mr. Heidner and Gold Rush and taking other unfair and unfounded official actions that harmed Mr. Heidner and Gold Rush. In particular: a, In conjunction with the initial Tribune reporting, the [GB made a public statement to the effect that the “current IGB board is newly appointed and id not participate in the approval or renewal process for [Mr. Heidner].” b. At the November 7, 2019 IGB meeting, the Board unfairly and, without a factual basis, targeted Gold Rush with an “emergency” action requiring pre~ approval of a terminal operator’s sale of its video gaming business, In pursing this action, the IGB publicly attempted to connect the “emergency” action with the Tribune stories critical of Mr. Heidner and Gold Rush. On December 17, 2019, incited by Gold Rush’s competitors, the IGB initiated an unprecedented Disciplinary Complaint, without a proper factual basis, against Gold Rush that sought the severe penalty of license revocation despite Gold Rush’s demonstrated history of compliance, & On December 18, 2019, immediately after the IGB issued the Disciplinary Complaint, the IGB tipped off the Tribune to the then non-public Disciplinary Complaint. The Tribune then submitted a Freedom of Information Act (“FOIA”) request, and a mere 33 minutes later, the IGB provided a copy of the Disciplinary Complaint against Gold Rush, Within houts, the 7ribune published another negative story about Mr. Heidner and. Gold Rush in advance of the December 19, 2019 IGB meeting, 17, ‘On December 24, 2019, counsel for Claimants submitted a FOIA request to the IGB asking for all communications between the [GB and the Tribune regarding Mr. Heidner and Gold Rush. Upon information and belief, it was the submission of the Claimants’ FOIA request that caused the IGB to discover the data breach committed by its employee. The IGB Data Breach 18. On January 3, 2020, the IGB claims to have first discovered the data breach in which Mr. Heidner, his family, and others had their sensitive personal and financial information ‘compromised. 19, On January 8, 2020, with Mr. Heidner having no knowledge that he had been a victim of a data breach, Mr. Heidner and Gold Rush counsel met with high-ranking staff of the IGB to discuss the unfaimess of the IGB's recent actions taken against Gold Rush, including the IGB’s interactions with the Tribune, None of the IGB representatives mentioned to Mr. Heidner ot Gold Rush counsel that Mr. Heidner’s or his family’s confidential information entrusted to the IGB had been compromised 20. On January 10, 2020, unbeknownst to the Claimants, the IGB alerted state legislative leaders that an employee of the IGB had improperly accessed confidential information related to IGB licensees and applicants and disclosed the information to three federal government entities without authorization to do so (“the IGB Data Breach”). 21, The IGB also alerted the federal entities who had received the unauthorized disclosures about the IGB Data Breach on January 10, 2020, and the IGB advised that it would begin to notify victims on January 17, 2020. Notwithstanding that representation, no such notification was made to Mr. Heidner or his family members at that time. 22. On January 24, 2020, the media broke the story about the IGB Data Breach, including the fact that the IGB allegedly discovered the IGB Data Breach on January 3, 2020, 23. Although the identities of the individual victims of the IGB Data Breach were not disclosed at the time the story was published on January 24, 2020, Mr. Heidner strongly suspected that he may have been a victim given the IGB’s recent targeted actions against him, 24. Following the press announcement about the IGB Data Breach, on January 27, 2020, counsel for Claimants submitted a letter to the IGB seeking confirmation whether Mr. Heidner and Gold Rush were victims of the now-publicized IGB Data Breach. ‘That same day, counsel also submitted a companion FOIA request to the IGB on the issue. 25, Even though the IGB knew that Mr. Heidner and his family were victims of the IGB Data Breach as of January 3, 2020, the IGB did not respond to counsel’s January 27, 2020 letter. 26. On January 28, 2020, during an in-person meeting with IGB personnel, counsel for Gold Rush followed up regarding whether Mr, Heidner was a victim of the IGB Data Breach. Even though the IGB knew that Mr. Heidner and his family were victims of the IGB Data Breach as of January 3, 2020, the IGB again chose not to tell Gold Rush’s counsel that Mr. Heidner was, in fact, a victim of the IGB Data Breach. 27. Itwas notuntil January 31, 2020 that Mr. Heidner and his family members received the IGB's notices through U.S. mail, postmarked January 29, 2020, informing them that they had been victims of a data breach involving their personal information (“the Notices”). 28, The Notices stated that between October 12, 2019 and October 31, 2019, an [GB ‘employee disclosed personal information relating to Mr. Heidner, his ife, and two of his sons, to multiple federal entities. 29, As stated in the Notices, Mr. Heidner and his family’s confidential information, including their “namefs}, social security [numbers] and/or driver’s license number(s) [were] disclosed without authorization by a Gaming Board employee to individuals associated with three federal government entities.” 30. These disclosures—which purportedly began one day after publication of the first Tribune article about Mr. Heidnet—were made without authori ion and were not in response to any valid legal request. Upon information and belief, the IGB employee made these unauthorized disclosures to fuuel—or at least in response to—the negative media coverage the IGB helped ‘generate against Mr, Heidner and Gold Rush. 31. On information and belief, the IGB employee who leaked Mr. Heidner’s and Gold Rush’s personal and financial information beginning in October 2019 was not assigned to any Gold Rush-related investigative matter, nor would the employee have had any official purpose for accessing Mt. Heidner’s or his family’s personal information. 32, Further, the IGB acknowledged “ihe seriousness of the concluct at issue here” and noted its commitment “to taking appropriate action against anyone who may have violated applicable data protection laws and Gaming Board rules.” Nevertheless, the IGB has refused to respond to reasonable requests from Claimants for information to help remediate the harm these disclosures have caused them. IGB Rejects the Demand Letter 33. On February 1, 2020, immediately following receipt of the Notices, Mr. Heidner, ‘through his counsel, sent a letter to the IGB’s Administrator, demanding “basic answers regarding the specific information of the Heidners that was leaked, to whom it was leaked and for what purpose it was leaked, as well as an immediate and thorough investigation into the IGB’s role in the orchestrated and public smear campaign against Mr, Heidner that began in October 2019 which has caused him significant financial and reputational harm” (“the Demand Letter” 34. On February 3, 2020, the IGB produced documents in response to Mr, Heidner’s Tanuary 27, 2020 FOIA request for materials related to the IGB Data Breach, ‘These materials included redacted notice letters to the federal entities that were recipients of the leaked data, redacted notice letters to the State legislators, and a list that purports to identify the individual victims of the IGB Data Breach. 33. Of the more than 50 individual victims of the IGB Data Breach, approximately half ‘of the victims had some pre-existing relationship with Mr. Heidner or Gold Rush. These individual victims include Mr. Heidner’s wife, two of his sons, his brother, his sister-in-law, his niece, and individuals with whom Gold Rush has a contractual relationship that is under the jurisdiction of the IGB. 36. On February 7, 2020, the IGB responded to Claimants’ Demand Letter and stated it could not provide any additional information in response to Claimants’ demands and document requests beyond what was included in the FOIA response. Further, the IGB declined to identify the specific personal information of the Heidners that was leaked, which federal agencies were the recipients of the unauthorized disclosures, and other information requested by Mr. Heidner relevant to the IGB Data Breach. Mlinois Personal Information Protection Act Violation by the IGB 37, Atall relevant times, the IGB was subject to The Personal Information Protection Act, 815 ILCS 530/1, et seg. (“PIPA”). PIPA requires that data collectors that maintain or store personal information and financial data such as that provided by Mr. Heidner must implement and maintain reasonable data security programs, and, in the event of a breach, must provide ‘immediate notification to the owners of such data and cooperate with the owners thereafter. Specifically, PIPA provides, in relevant part: a Section 10(b). Notice of Breach. “Any data collector that maintains or stores, but does not own or license, computerized data that includes personal information...shall notify the owner...of the data immediately following discovery, if the personal information was, or is reasonably believed to have been, acquired by an unauthorized person. ... [T]he data collector shall cooperate with the owner...in matters relating to the breach.” b. Section 12. Notice of breach; State agency. “Any State agency that collects personal information concerning an Illinois resident shall notify ‘the resident at no charge that there has been a breach of the security of the system data or written material following discovery or notification of the breach. The disclosure notification shall be made in the most expedient time possible and without unreasonable delay, consistent with any measures necessary to determine the scope of the breach and restore the reasonable integrity, security, and confidentiality of the data system.” ¢. Section 45(a), Data security. “A data collector that owns or licenses, or maintains or stores but does not own or license, records that contain personal information concerning an Illinois resident shall implement and iaintain reasonable security measures to protect those records from unauthorized access, acquisition, destruction, use, modification, or disclosure.” 38. Under 815 ILCS 530/5, the IGB is, and at all relevant times was, a “Data collector” in that itis a State agency that “handles, disseminates, or otherwise deals with nonpublic personal information.” Specifically, the IGB was a data collector that maintained or stored, but did not own or license, the computerized data that included personal information owned by Mr. Heidner. 39, The information obtained from Mr. Heidner was “Personal information” under 815 ILCS 5305 as it contained Mr. Heidner’s first name and last name in combination with his social security number, and driver's license number, among other PIL 40. As the IGB effectively conceded in the Notices, the IGB was the subject ofa “breach of the security of the system data” controlled by the IGB, 815 TLCS 530/5. M1 41. PIPA required the IGB to promplly notify Mr. Heidner, without unreasonable delay, of the breach of IGB's system containing Mr. Heiduer’s computerized data and PI upon discovery of the breach. The IGB was further required to cooperate with Mr. Heidner. See 815 TLCS 530/10(b), 12(a). 42. The IGB violated PIPA because, rather than promptly notifying Mr. Heidner of the 1GB Data Breach, it waited four weeks to do so and then failed to cooperate with Mr. Heidner in matters relating to the breach. 43, The IGB also violated PIPA by failing to implement and maintain reasonable security measures to protect Mr. Heidner’s records from unauthorized access and disclosure. See 815 ILCS 530/45(a). Count I: Breach of Fiduciary Duty Claim Against the IGB 44, Given the sensitive and highly confidential nature of the PIL, personal information, and financial information collected and stored by the IGB, which is the sole governing body that may issue gaming licenses, a special, privileged relationship of trust and confidence was created between the IGB and the licensees and license applicants. 45. Atall relevant times, the IGB was subject to the Gambling Act, the statute that established the IGB. See 230 ILCS 10/2(0). 46. Under the Gambling Act, the IGB is required to maintain the strictest level of confidence over all information provided by a licensee and license applicant, Specifically, the Gambling Act legislates that: “{alll information, records, interviews, reports, statements, memoranda or other data supplied to or used by the Board in the course of its review or investigation of an application for a license or a renewal under this Act shall be privileged, strictly confidential and shall be used only for the purpose of evaluating an applicant for a license or a renewal.” 12 230 ILCS 10/6(d) (emphasis added). 47. As such, the Gambling Act establishes a special, privileged relationship between the IGB and the licensees and license applicants, whereby materials provided to and maintained by the IGB are to be treated with the highest level of care and confidence. ‘The IGB undertook a duty to use the utmost of care in maintaining safeguards to protect confidential licensee information against unauthorized access, 48. Moreover, the Request to Release Information which Mr. Heidner was required to sign enabled the IGB to obtain his personal financial information directly from third parties, such as financial institutions, in connection with the IGB’s investigation and evaluation of Gold Rush's license application, ‘This Request to Release Information expressly designated duly authorized agents of the IGB as the applicant's “attorney in fact,” thereby creating a fiduciary relationship as a matter of law. 49. Based on this special relationship, the IGB owed a fiduciary duty to act with the highest level of care in protecting the sen: financial and personal information belonging to ‘Mr. Heidner and Gold Rush, which the IGB collected and stored, 50, The IGB breached its fiduciary duty of care owed to Claimants when it: a. Failed to maintain proper security safeguards protecting the PII and other sensitive personal information of its licensees; b. —Pailed to supervise employees’ unauthorized access to PI and other sensitive personal information; ©. Failed to supervise employees who the IGB knew or should have known were a security ris 4, Allowed unauthorized employees access to personnel files of licensees; ©. Failed to implement the systems, policies, and procedures necessary to detect this type of data breach; 13 51. Failed to implement adequate internal controls relating to sending PI and other sensitive personal data via email; Failed to implement and maintain reasonable access controls to prevent personnel from accessing sensitive files without any legitimate purpose to do so; and Failed to implement the systems, policies, and procedures necessary to prevent this type of data breach. ‘The IGB has knowingly, recklessly, and in bad faith violated its fiduciary duty of care owed to Claimants and they have suffered damages as a direct and proximate result of the IGB’s breach of its fiduciary duty. 52. Count Il: Negligence Claim Against the IGB Beginning in or around October 2010, it was the duty of the IGB to exercise care to maintain the security of Mr. Heidner’s and Gold Rush’s personal and financial information, submitted to the IGB as required by law in order to secure Gold Rush’s Terminal Operator License. 53. 54, IGB's duties included the following: a, a ‘To exercise reasonable care in collecting, maintaining, securing, and safeguarding the personal and financial data in its possession; ‘To protect the personal and financial data using reasonable and adequate security systems that are compliant and consistent with industry-standasd practices governing highly sensitive personal information; ‘To implement processes to quickly detect a data breach and to timely act on warnings about data breaches, including timely notifying victims of a data breach; and To fully comply with PIPA, ‘The IGB solicited, gathered, and stored Mr. Heidner’s computerized data and associated PII to facilitate the licensing process. As such, the IGB owed a duty of care not to subject Mr, Heidner and his sensitive information and PII to an unreasonable risk of harm. 4 55. Asa licensee under the Video Gaming Act, Mr. Heidner was a foreseeable and probable victim of any data breach or unauthorized disclosures resulting from inadequate security practices, 56. The IGB knew, or should have known, of the risks inherent in collecting and storing sensitive personal data, and the importance of adequate security. The IGB knew, or should have known, that its security systems did not adequately safeguard Mr. Heidner’s and Gold Rush’s data, 57. Breaching duties owed to the Claimants, the IGB committed one or more of the following acts or omissions: a b bh ‘Negligently failing to maintain proper security safeguards protecting the PUL and other sensitive personal information of its licensees; ‘Negligently failing to supervise employees’ unauthorized access to PII and other sensitive personal information; ‘Negligently failing to supervise employees who the IGB knew or should have known were a security risk; ‘Negligently allowing unauthorized employees access to personnel files of licensees; Negligently failing to implement the systems, policies, and procedures necessary to detect this type of data breach; Negligently failing to implement adequate intemal controls relating to sending PII and other sensitive personal data via email; Negligently failing to implement and maintain reasonable access controls to prevent personnel from accessing sensitive files without any legitimate purpose to do so; and Negligently failing to implement the systems, policies, and procedures necessary to prevent this type of data breach. 58. Asa direct and proximate result of the IGB’s negligence, Claimants’ sensitive data ‘was compromised, and they sustained and will continue to sustain injuries in the form of possible data theft, reputational harm, emotional distress, and lost wages, among other injuries, 15 HISTORY OF CLAIMS 59. As alleged above, Claimants’ counsel sent a Demand Letter to the IGB Administrator on February 1, 2020, demanding “basic answers regarding the specific information of the Heidners that was leaked, to whom it was leaked and for what purpose it was leaked, as well as an immediate and thorough investigation into the IGB’s role in the orchestrated and public smear campaign against Mr. Heidner that began in October 2019 which has caused him significant financial and reputational harm.” 60. ‘The Demand Letter provided a list of requests relating to the IGB Data Breach, demanding a written response by February 7, 2020, On February 7, 2020, the IGB responded to Claimants’ Demand Letter and stated it could not provide any additional information in response to Claimants’ demands and document requests beyond what was included in the FOIA response. Further, the IGB declined to identify the specific personal information of the Heidners that was leaked, which federal agencies were the recipients of the unauthorized disclosures, and other information requested by Mr. Heidner relevant to the IGB Data Breach. 61. These claims have not been the subject of administrative proceedings and are not the subject of any currently pending administrative action taken by the IGB. owl HIP AND A‘ MENTS, 62. The Claimants are the sole owners of the claims, and there have been no assignments or transfers of the claims or any part thereof, Claimants became owners of the claims at the time of the IGB Data Breach, believed to be between October 12, 2019 and October 31, 2019. The IGB has been in possession of sensitive information belonging to Claimants since at least October 2010, when Mr. Heidner first submitted licensing application materials to the IGB, ENTITLEMENT 63, Claimants are justly entitled to the amount claimed from the IGB after allowing all just credits, VERIFICATION 64. The facts stated in the complaint are true, as certified in the attached Affidavit of Verification HISTORY OF CLAIMS OUTSIDE OF ILLINOIS 65. Neither these claims nor any other claims arising out of the same occurrence (against any person, firm, or governmental agency other than the State of Illinois or any of its officers or agencies) have been presented to any person, firm, court, or administrative tribunal other than the State of Illinois. STATUS OF RESPONDENT 66. No state officer or agency or department of the State is sued in a capacity as holder, administrator, or trustee of a fund, or as executor or administrator of a trust or estate, or as a guardian, conservator, or any similar capacity, DAMAGES 67. Claimants cach individually seek $2,000,000 in damages. A bill of particulars stating cach item of damages is difficult to provide at this time because the injury is recent and ongoing. However, the following are the expected categories of claimed damages a Lost earnings; b. Loss of future earning capacity; ©. Costs associated with investigating and remedi the IGB Data Breach; 4. Reputational harm; 7 e, —_Bmotional distress in the past; and £ Emotional distress in the future, WHEREFORE, for the reasons stated, the Claimants request an award in their favor for a total of $4,000,000. Counsel for the Claimants: Patrick M. Collins (peollins@kslaw.com) Jade R. Lambert (jlambert@kslaw.com) Courtney Roldan (croldan@kslaw.com) KING & SPALDING, LLP 353 N. Clark Street 12th Floor Chicago, Uinois 60654 Telephone: (312) 995-6333 Firm No, 61954 Kim R. Walberg (kwalberg@taftlaw.com) Richard Y. Hu (chu@taftlaw.com) ‘TAFT STETTINIUS & HOLLISTER LLP 111 E, Wacker Drive, Suite 2800 Chicago, Ilinois 60601 ‘Telephone: (312) 527-4000 Facsimile: (312) 524-4011 Firm No. 2914 IN THE COURT OF CLAIMS OF THE STATE OF ILLINOIS Rick Heidner and Gold Rush 2 Amusements, Inc., 3 Claimants, ) Case No. ) v. ) $2,000,000 ) Amount Claimed per Claimant Mlinois Gaming Board, } Respondent. ) AFFIDAVIT OF VERIFICATION 1, Patrick M. Collins of King & Spalding LLP, attomey for Claimants in the foregoing ‘Complaint, hereby certify that | am authorized to sign this verification. Under penalties as provided by law pursuant to Section 1-109 of the Illinois Code of Civil Procedure, I certify that the statements set forth in this Complaint are true and correct, ‘except as to matters therein stated to be on information and belief, and as to such matters I certify that I verily believe the same to be true. Date: February 11,2020 he LaZe (Attics M. Collins