Some 540 data breaches affecting over 163 million customers occurred during the first half of 2020 alone. The effects of lax security put consumers at risk for identity theft and fraudulent credit card activity for years. Aside from the inconvenience of temporary account cancellations, consumers say stress is the worst after-effect of stolen information.
If you or a loved one have had your information compromised, it’s worth speaking to data breach lawyers to determine the next steps in securing your finances and getting back to business-as-usual without catastrophic losses arising in the near future.
A recent survey of 300 U.S. Chief Information Security Officers found that 80 percent of companies experienced at least one cloud data breach in the past 18 months. Of those, nearly half (43%) reported ten or more breaches. Problems were rampant — from misconfiguration and lack of visibility to poor compliance monitoring and access management errors.
What to Do After A Data Breach
Upon realization that your information has been compromised, you will need to take “reasonable steps” to mitigate your risk. This may entail canceling credit cards, calling the bank, changing passwords, and changing account numbers. A judge can decrease the compensation award for failure to take actions that prevent future harm.
If you received a notification from a lawyer, there will be a link to a class action lawsuit page where you may submit your claim to compensation. In other cases, you may only suspect a data breach and will need the help of your own lawyer to investigate the matter further.
Do You Need a Data Breach Lawyer?
Class action lawsuit lawyers at Kantrowitz, Goldhamer & Graifman are ready to send the message that in this day and age, there is no excuse for poor security protocols. If you’re going to conduct any kind of business – whether it’s in the cloud or stored on a hard drive – you’ve got to have tight surveillance, security measures, and training programs in place to protect the consumer data you’re entrusted with.
It is within your legal right to file a data breach lawsuit or to join a class action lawsuit seeking compensation for fraudulent charges and identity theft following a corporate security incident. Contact us for a free consultation.
KGG Law fights for the rights of consumers following data breach incidents. A few notable cases include:
- A $19.5M Home Depot Data Breach Settlement – A 2014 data breach resulted in the exposure of up to 56 million payment cards and 53 million email addresses. Customers were not responsible for paying fraudulent charges that resulted from the breach and received identity theft monitoring as part of the settlement provisions. Home Depot also committed to enhanced security protocols and robust training procedures. Attorney Gary S. Graifman of KGG Law was one of five attorneys working on the case.
- Tempur-Pedic and Aptos – Aptos was the CRM and POS system used by Tempur-Pedic In November 2016. Though the company knew about a data breach leading to hackers obtaining buyers’ personal information like names, addresses, and credit card numbers for five months, no one was notified.
- Anthem Blue Cross Blue Shield – Up to 80 million Anthem Insurance policyholders have had their social security numbers, income information, and addresses compromised in a recent data breach across dozens of states. The FBI is currently investigating the case, and the company has hired a digital security firm to improve its network capabilities.
- Premera Blue Cross – Protected health information of 11 million employees of Premera was publicly breached in 2014. The security lapse persisted for almost a year before it was detected, and delays in notifying affected individuals went on even longer. A settlement was reached as of December 2019.
U.S. Data Breach Laws
All 50 U.S. states have passed legislation requiring private or governmental entities to notify individuals of security breaches of personally identifiable information. Data breach litigation is on the rise, particularly with expansive new laws like the California Consumer Protection Act.
In 2019, New Jersey expanded the definition of personal information to include usernames, email addresses, passwords, and security answers. Notification must be made through written or electronic notice, directing individuals to promptly change their credentials.
New York’s SB5575B amendments to the Stop Hacks and Improve Electronic Data Security Act expand breach protection to include the same information as New Jersey’s law, as well as biometric information.
The definition of a breach includes any type of “unauthorized access” to private information – not just the acquisition of the data. Businesses are required to take “reasonable safeguards,” such as training employees to implement security programs, regularly testing security efficiency, and promptly deleting private information that is no longer necessary.
The state Attorney General will have three years (rather than two) to bring an action against a business found to be in violation of the act.
Data Breach Class Action Attorneys
KGG Law understands common objections and defenses used by businesses to evade punishment. We are ready to pursue maximum compensation on your behalf. Contact our skilled class action attorneys to learn more about pursuing a data breach case. Our legal fees are paid out of successful settlements at no upfront cost to plaintiffs.