Data Breach Lawsuit Legal News and Information
A data breach occurs when sensitive information collected (and sometimes stored) by a company is made vulnerable by someone illegally accessing that information. Information breaches can occur in a number of ways, but generally involve computer hackers or computer theft, followed by unlawful access to customer or client information. This sometimes results in personal information being sold illicitly. Consumers whose information has been illegally accessed can file data breach lawsuits. Data breaches are reportedly on the rise and with them more identity theft lawsuits and data breach lawsuits are expected.
Data Breach Information
In each of these cases, personal information is vulnerable to use for illegal gains. Thieves might sell that information to others who use it in identity theft or to steal money from accounts, for example. Unfortunately, in many cases the organization whose information has been compromised does not become aware of the issue until its customers' information has been used.
Information that can be made available depending on the data breach includes names, addresses, contact information, bank account information, social security numbers, usernames, passwords and email addresses.
Not all data breaches result in money or identities being stolen. In some data breaches the personal information is made vulnerable but not used (such as when a server is accessed illegally for reasons other than to steal the personal information contained on it). That said, in all data breach cases, personal information is vulnerable and there is the possibility that it has been used or could be used in the future if that personal information was copied.
Among companies and organizations that were reportedly victims of data breaches: Adobe, Target, Neiman Marcus, Living Social, Sony PSN and TJX (owner of TJ Maxx and Marshalls).
Data Breach Lawsuits
More than $5 million in damages is being sought in three class action lawsuits, two of which were filed in California and one in Oregon. The Target breach is the second-largest in U.S. history, surpassed by a case involving retailer TJX (TJ Maxx stores) in 2005. Target is headquartered in Minneapolis and has almost 1,800 stores in the US and 124 in Canada.
Neiman Marcus Data Breach
According to reports, Neiman Marcus was also breached by hackers who reportedly stole personal information from more than 1.1 million debit and credit cards over a period of several months. It is believed that the same malware that was used on terminals in Neiman Marcus stores was also used to infiltrate Target's systems, although it is not clear if the same criminals are involved in both attacks. The information was reportedly stolen between July 16 and October 30, 2013.
At least one lawsuit has reportedly been filed against Neiman Marcus related to the data breach. The lawsuit, filed by Melissa Frank, alleges fraudulent charges were made on her debit card after her card information was stolen. The lawsuit alleges Neiman Marcus knew about the stolen information but waited weeks to inform consumers.
Frank's lawsuit seeks class action status.
Michael's Possible Data Breach
Michael's stores announced that it had possibly been breached by cyberhackers, although the company said it has not yet confirmed that its systems were hacked. A spokesperson for Michael's craft stores said the company decided to make the announcement quickly so customers could protect themselves. So far, the company has not said how many customers could have been affected by the possible breach, nor has it said when the breach is believed to have happened. The Secret Service is reportedly investigating the matter.
Adobe Data Breach Lawsuit
Computer software maker Adobe Systems announced in October 2013 that their corporate data base was hacked and data from more than 38 million customer accounts were stolen. A class action lawsuit alleges that Adobe failed to use reasonable security practices that resulted in the data breach. As of November 2013, the company said it is still determining how much invalid account information was breached and it is in the process of notifying affected users.
Snapchat Data Breach – Potential Lawsuit
A Snapchat data breach at the beginning of January 2014 exposed the usernames and partial phone numbers of 4.6 million subscribers. Snapchat, a photo and video-sharing chat app, was already in trouble with the Federal Trade Commission: last year EPIC (Electronic Privacy Information Center) filed a complaint regarding the company' deceptive claim that photos would "disappear forever" after a set period of time. This recent breach was apparently exploited by hackers due to a flaw that had already been brought to the company' attention by security researchers. The leaked information is mostly concentrated to California and New York Snapchat account holders, with the two states accounting for some 2.3 million accounts. Other regions impacted include Illinois, Colorado, and Florida, according to security vendor AdaptiveMobile.
Snapchat users are advised to change their passwords and usernames on other accounts and they may want to join a lawsuit: several claims accuse the company of negligence in its security practices in allowing personal information to be leaked.
Medical Data Breach Lawsuits
Health Net in 2011 notified nearly two million patients that a data breach had compromised their private information, potentially exposing patients' names, addresses, medical information, Social Security numbers, and other financial information. A class action lawsuit claims that Health Net and its server driver company, IBM, violated patients' privacy rights and other consumer protection laws.
The latest medical data breach class action was filed In California against Kaiser Permanente after a flash drive containing medical records of almost 49,000 Kaiser Permanente patients was lost, which violated the Confidentiality of Medical Information Act. The flash drive was reported missing from Kaiser' nuclear medicine department on Sept. 25, 2013, according to the The Los Angeles Times.
The lawsuit filed by plaintiff Ginger Buck Ginger Buck, et al. v. Kaiser Permanente International, Case No. BC531253, in the Superior Court of the State of California for the County of Los Angeles, Central District, claims that her private, confidential and sensitive medical information was compromised and Kaiser violated its legal duty to protect the confidential data stored on the flash drive.
California law requires that medical providers maintain their patients' medical information confidential and prohibits the disclosure of such information without the patient' written authorization. Under this law affected patients are entitled to statutory damages of $1,000.
Identity Theft Lawsuits
Experts predict an increase in class action identity theft lawsuits based on the following facts:
- Identity theft is on the rise
- Security breaches are often repetitive in nature and caused by reckless practices of companies, their employees and/or third party service providers
- The impact of the crime in terms of the number of victims and financial losses often affects millions of people
- Consumers are demanding that action be taken
- State and Federal governments and regulators are paying attention
- Many states are enacting laws (e.g, California and medical providers, above) to protect consumers
- A number of privacy and identity theft laws such as HIPAA, GLBA and Red Flags are issued and enforced by various agencies
Data Breach Settlements
Ameritrade agreed to pay the class a minimum of $2.5 million and a maximum of $6.5 million, based on the number of claims submitted. Class members will receive $50 to $2,500 per claim, as follows: $50 for identity theft on an existing credit or debit card, $250 for identity theft on another account, and up to $1,000 (including the $250) for unreimbursed losses.
A data breach class action complaint filed in August 2007 against Certegy Check Services regarding the breach of consumers' confidential financial data resulted in a proposed settlement agreement with plaintiffs in a consolidated class action proceeding in federal court in Florida (the "Lockwood case").
In October 2013 a $3 million settlement was proposed in Resnick/Curry v. AvMed, Inc., No. 1:10-cv-24513-JLK (S.D. Fla.), a data breach lawsuit pending in the Southern District of Florida. Resnick involved the theft of two unencrypted laptops from AvMed that contained personal information of approximately 1.2 million customers/insureds ("the plaintiffs"). The plaintiffs filed a class action lawsuit claiming that AvMed failed to adequately secure the plaintiffs' personal information.
This is the second data breach lawsuit filed in the Southern District of Florida that has resulted in a substantial settlement for the plaintiffs. ( Burrows v. Purchasing Power settled for about $430,000). The Southern District of Florida Court has set the Final Approval Hearing for February 28, 2014.
Data Breach Legal HelpIf you or a loved one has suffered similar damages or injuries, please click the link below and your complaint will be sent to a lawyer who may evaluate your claim at no cost or obligation.
Last updated on
DATA BREACH LAWSUITS
UCLA Data Breach Lawsuit alleging UCLA Health failed to properly secure personal medical information.
Premera Blue Cross Reports Data Breach of 11 Million Accounts
400,000 Yahoo and Related Internet Accounts Breached
St. Joseph's Health System Facing Patient Data Breach Class Action
Amazon, Zappos Face Data Breach Class Action
Heartland America Recalls Wooden Stools Due to Fall Hazard
DATA BREACH LEGAL ARTICLES AND INTERVIEWS
Data Breach Class-Action Lawsuit Sprouts in California
Wendy’s Data Breach Bigger Than Thought
MORE DATA BREACH LEGAL NEWS
DATA BREACH SETTLEMENTS
READ MORE [ Internet/Technology Settlements and Legal News ]
Wanda A Banner
Emma C Holmes