• A data breach can occur in a number of ways. Mainly computer hackers and computer theft allow unlawful access to customer information, which often results in personal information being sold illicitly, followed by data breach lawsuits. For instance, the stolen Target customer data immediately resulted in Target credit card attack lawsuits. Another massive data violation occurred when Adobe Systems was hacked.
• Government investigators, who are looking into the recent epidemic of retail data breaches, believe the cyber attacks on Target and Neiman Marcus resulted from malicious software that was tailored specifically to exploit weaknesses in each retailer’s checkout systems.
• Data Breaches are on the rise, and with them, more identity theft lawsuits and data breach lawsuits are expected. Here is an update on current data breach lawsuits:
• The Target data breach is perhaps the most visible and largest cyber attack so far. The discount retailer is facing a raft of class-action lawsuits not only from customers but also from small banks that allege they are suffering losses as a result of the over 40 million customer card numbers that were stolen. The lawsuits all claim that Target was negligent, in that it failed to adequately protect its customers’ data.
• One Target class-action lawsuit, filed in California federal court by lead plaintiff Lisa Purcell (“Plaintiff”), states: “The information Target lost, including Plaintiff’s identifying information and other financial information, is extremely valuable to thieves. As the Federal Trade Commission (“FTC”) recognizes, once identity thieves have personal information, they can drain your bank account, run up your credit cards, open new utility accounts, or get medical treatment on your health insurance.”
• The banks claim that the breaches could force them to pay millions of dollars to reissue compromised cards and repay customers whose accounts were struck with fraud.
Neiman Marcus data breach
• According to reports, Neiman Marcus customer data was breached by hackers who stole personal information from more than 1.1 million debit and credit cards over a period of several months.
• It is believed that the same malware that was used on terminals in Neiman Marcus stores was also used to infiltrate Target’s systems, although it is not clear if the same criminals are involved in both attacks. The information was reportedly stolen between July 16 and October 30, 2013.
• At least one Neiman Marcus data breach class-action lawsuit has been filed. The lawsuit, filed by Melissa Frank, alleges fraudulent charges were made on her debit card after her card information was stolen. The lawsuit alleges Neiman Marcus knew about the stolen information but waited weeks to inform consumers.
Michaels data breach lawsuit
• Michaels is also facing a data breach class-action lawsuit, filed by plaintiff Christina Moyer, who claims the arts and crafts supplier failed to secure and safeguard customers’ private financial information.
• According to the lawsuit, Michaels issued a statement on January 25, 2014 stating, “As you may have read in the news, data security attacks against retailers have become a major topic of concern. We recently learned of possible fraudulent activity on some U.S. payment cards that had been used at Michaels, suggesting we may have experienced a data security attack.”
READ MORE DATA BREACH LEGAL NEWS
• The lawsuit further alleges that Michaels failed to adequately monitor its payment systems in such a manner that would enable the retailer to detect fraud or other signs of tampering “so that the breach of security and diversion of customer information was able to continue unnoticed for a period of time.
• So far, the company has not said how many customers could have been affected by the possible breach, nor has it said when the breach is believed to have happened. The Secret Service is reportedly investigating the matter.