KJ McElrath  |  June 29, 2019

Data Breach Overview

The term data breach refers to any event in which an unauthorized party gains access to information stored on a computer or server.

While it is not uncommon for a hacker to do this to individual computers, laptops and smartphones, the biggest data breaches happen at large corporations — particularly those that do business with the general public. These company databases are a tempting target for hackers because they contain consumer information such as names, addresses, credit card, and bank account numbers, and often social security numbers as well — all the data necessary for identity thieves to successfully carry out their nefarious schemes and carry out fraudulent activities.

According to the Identity Theft Resource Center, there were nearly 1600 major data breaches in the US in 2017 – up almost 45 percent from the previous year.

Even though software engineers continually develop stronger security protocols, it seems that they are always barely a step ahead of cyber hackers, who may work on-site and have direct access to computer databases, or from remote locations — even overseas.

How a Data Breach is Carried Out

A cyber attack is not unlike planning a battle in conventional warfare. The first step is reconnaissance or research: the hacker(s) look for any possible vulnerability in a company IT network, including the operating systems and even among personnel.

The actual attack uses one of two tactics: either it focuses on the network infrastructure itself, going for holes in the software and/or operating system, or it is a social attack. The latter involves deception; the hackers use “phishing” techniques in order to trick employees or other victims into giving away passwords or other login information. Often, this is in the form of an email that comes with an attachment containing a piece of malicious software.

The cyber hacker(s) declare victory when they gain access to the database and are able to extract the desired information.

Legal Issues

While the company is the first casualty of a data breach, it can also be liable to the individuals whose sensitive information is exposed.

Federal and state statutes do not impose strict liability upon corporate entities for a data breach. However, there are two situations in which a company can be held legally responsible. One is if the company was negligent and failed to take reasonable steps to protect consumer data (i.e., reasonable protocols were not in place). Civil liability can also arise if the company took all proper actions up to the time the data breach occurred but then failed to immediately take steps to mitigate the damage.

Data Breach Lawsuits

While successfully suing a company for data breach is not always easy, there have been a number of high-profile cases in recent years in which major corporations have been ordered to pay sizable judgments.

In April of 2019, Yahoo, Inc. offered to pay $117.5 million to settle a class action lawsuit over data breaches that occurred between 2013 and 2017.ย  Plaintiffs claimed that Yahoo failed to plug the data leaks once they were discovered.

At the same time, Washington State University settled a data breach lawsuit for $4.7 million.

Most recently, AMCA, a medical debt collector, reportedly filed for Chapter 11 bankruptcy protection in the face of dozens of lawsuits over a data breach that affected 20 million people.

20 thoughts onData Breach

  1. Selena Crocker says:

    Add me please

  2. Deborah pugh says:

    Add me to the mr cooper data breach I had Mr cooper as my mortgage company until they sold my loan in sept2023

  3. Earlene says:

    When a insurance agent takes your information and email to another company, w/o your permission is this considered a data breach?

  4. Latanya hill says:

    ADD ME

    1. Angela Kristine Fischer says:

      Add me please I was affected by this

Leave a Reply

Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *

Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a legal news source that reports on class action lawsuits, class action settlements, drug injury lawsuits and product liability lawsuits. Top Class Actions does not process claims and we cannot advise you on the status of any class action settlement claim. You must contact the settlement administrator or your attorney for any updates regarding your claim status, claim form or questions about when payments are expected to be mailed out.