Data Breach Lawsuit

Data Breach Complications

Common Types of Data Breaches

A data breach can involve any kind of leaked personal information. The most common method used to access this information is an outside security breach, also known as a hack. Hackers are generally after personal information, such as:

• Credit card information
• Financial account information
• Social Security numbers (SSNs)
• Personal and business addresses
• Email addresses
• Phone numbers
• Driver’s license numbers

All sorts of companies and organizations may have information like this in digital files. For example, your bank, place of work and internet provider all have your personal details stored somewhere on a server. Even the local pizza place has at least some personal data on you if you have ever paid them with a credit card or signed up for a free rewards program.

Over the past few years, several high-profile data breaches have been widely covered by the news. Recent data breaches include:

• AOL Breach (2005). The first big security breach only occurred just over a decade ago, and involved nothing more than email addresses. An AOL employee stole 92 million email addresses and screennames from his employer and sold them to businesses who began clogging inboxes worldwide with spam emails. Just like many early breaches, this was a low-tech, inside job.
• National Archives and Records Administration (2009). This breach was the result of an accidental leak. It occurred when government workers sent from a hard drive to a third party for repair before wiping it. This breach exposed hundreds of thousands of veterans’ Social Security numbers and other details.
• Global Payments (2012) . Still the most massive financial breach in history, this security breach involved Global Payments, a company that was responsible for processing millions of credit card transactions for major companies. The breach occurred as the result of an outside hack. More than $100 million in settlements was paid to companies after this incident.
• Target (2014). More than 70 million people had their credit card numbers and other personal information stolen in this breach. This resulted from the use of altered sales terminals.
• Yahoo (2014). Perhaps one of the largest breaches made public in history, the September 2016 revelation confirmed that 500 million user accounts were stolen from Yahoo in 2014. The stolen data may include names, emails, phone numbers, hashed passwords and security questions and answers, but not financial information, according to Yahoo. It is believed that state-sponsored actors are to blame for this massive hack.
• Securus Technologies (2015). Securus Technologies is a leading provider of phone services for prisons and jails in the United States. In 2015, an anonymous hacker obtained and leaked records of over 70 million phone calls as well as recordings of those calls. The hack revealed that the company recorded attorney-client calls in violation of prisoners’ constitutional rights.
• U.S. Voter Database (2015). Poor database configuration resulted in the exposure of the information of more than 190 million voters on the internet. Discovered by accident, this breach is still under investigation.
• Ashley Madison (2015). The hacking of the extramarital affair website Ashley Madison made headlines for months. A group of hackers exposed millions of registered users’ information on the internet in an effort to force the site to close down. The website previously offered a service that would supposedly wipe a user’s entire profile; the hack proved that this was not the case.
• 21^st Century Oncology (2016). In March, the nation’s largest radiation oncology provider revealed that 2.2 million confidential medical records had been accessed by an unauthorized third party. Attorneys working on lawsuits against the company have received thousands of inquiries from patients worried about identity theft and other misuse of their records. Litigation is still ongoing.

RESPONDING TO A DATA BREACH

If you find out that a breach of security exposed your personal information, you should take steps to protect your identity and finances. You should consider what information has been compromised when responding to a data breach and act quickly to prevent further theft, which includes:

• Social Security Number (SSN) – Do not give any further information to anyone who calls and claims to be from a real organization, like the Internal Revenue Service (IRS), even if they have your SSN. You should monitor your credit report and consider placing a freeze or fraud alert on your accounts in case of potential identity theft.
• Credit Card Number – Call the card company immediately to cancel the card and request a new one. Keep a close eye on your transactions also, and work with the fraud department to remove false charges.
• Bank Account Info – Call your bank to close your account and open a new one. Then, keep checking on your transactions and report any fraudulent withdrawals.
• Driver’s License Number – Contact the Department of Motor Vehicles to report the theft. They may issue you a replacement license. You should also monitor your credit report to make sure no one is impersonating you.
• Email, Passwords or Login Info – If possible, change your passwords and usernames. If you use the same password for multiple sites, change them all.

Identity theft can happen in many ways, some of which may come as a surprise to the average consumer. For example, most people realize that their personal information may be stolen when there is a data security breach at a company they’ve done business with. Likewise, most people have heard stories of skimmer machines attached to ATMs and gas pumps capturing credit and debit card information.  However, many people are not aware that a significant percentage of identity theft occurs at the hands of a close friend or family member. Trusted friends and relatives often have the easiest access to personal financial information.

If you have been a victim of a data breach, contact Chhabra Gibbs & Herrington PLLC. We can assist with your case. There is no fee to discuss your case with us.