Los Angeles, CAWith so many data breaches occurring in the last several years, and given the vulnerability of heretofore impenetrable platforms such as hospitals and even the federal government, experts advocate that given the increasing sophistication of hackers it’s only a matter of time before the next one. That leaves most Americans waiting for the other shoe, and the next data breach lawsuit, to drop.
That shoe dropped last week when Yahoo revealed a minimum of 500 million user accounts had been compromised. That’s bad enough. What’s worse, note pundits and consumer advocates, is the revelation the breach happened in 2014 – and we’re just finding out about it now.
There is little doubt that data breach lawsuits and class actions will be flowing from this revelation.
In fact, within a single day of the news of the Yahoo data breach, no fewer than three proposed class action data breach lawsuits were filed in federal courts in California and Illinois.
It was on September 22 that the news arrived with a thud: a data breach that occurred in late 2014 included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted and unencrypted security questions and answers.
“The type of information compromised in this data breach is highly valuable to perpetrators of identity theft,” said attorneys close to the class actions. “Plaintiffs and class members are at risk for identity theft in its myriad forms, potentially for the remainder of their lives.
“Yahoo’s failure to safeguard its users’ very personal, sensitive information, in direct violation of its promises, is utterly unacceptable in this day and age. The fact that a breach of this magnitude went undetected at a tech giant like Yahoo for two years is astounding.”
The named plaintiffs in the three class actions filed September 23 are identified as Jennifer Myers and Ronald Schwartz, who filed their respective lawsuits in California (Myers in the Southern District, and Schwartz in the Northern District), and Christopher Havron, who filed in the Southern District of Illinois.
Given the massive cohort of Yahoo accounts – at least 500 million – it is reasonable to assume that data breach lawsuits will continue to flow, with the potential for compensation and awards for Yahoo class members combining to a massive financial hit for Yahoo at a time when part of the Yahoo structure could be changing.
This past July, communications giant Verizon announced its intent to purchase the core business assets of Yahoo for $4.83 billion.
Acquisition experts note that studying an acquisition target’s cybersecurity strengths, weaknesses, risks and exposures is a normal part of the ramping up to an acquisition. While it has not been suggested that the aforementioned data breach may have been revealed as a result of those investigations, pundits agree that Verizon would be viewing the planned Yahoo acquisition with a new set of eyes, given the potential for additional expenses, and an expectation for legal activity that could affect Verizon down the road, in addition to Yahoo.
The class action data breach lawsuits filed September 23 are Jennifer J. Myers et al. v. Yahoo Inc., Case No. 3:16-cv-02391, in the US District Court for the Southern District of California; Ronald Schwartz et al. v. Yahoo Inc., Case No. 5:16-cv-05456, in the US District Court for the Northern District of California; and Christopher Havron et al. v. Yahoo Inc., Case No. 3:16-cv-01075, in the US District Court for the Southern District of Illinois.
If you or a loved one have suffered losses in this case, please click the link below and your complaint will be sent to an internet/technology lawyer who may evaluate your Data Breach claim at no cost or obligation.