Data breaches—and data breach lawsuits—are a regular aspect of the digital age. As our lives move increasingly online, the size of our digital footprint grows, and this creates more opportunities for cybercriminals to obtain our personal information. Americans are now more worried about being the victim of cybercrimes, like the hacking of personal data and identity theft, than they are traditional crimes.
According to a recent Gallup poll, 74% of Americans say they fear computer hackers will access their personal, credit card, or financial information, and 72% worry about identity theft. These fears are not unfounded. In their latest 2023 Cyber Crime Statistics reporting, AAG revealed 53.35 million US citizens were affected by cyber crime in the first half of 2022 alone.
But it’s not necessarily hackers and identity thieves that Americans fear the most. Consumers become victims when companies sell, misuse, or fail to properly protect the personal private information of consumers.
Cybersecurity is not the responsibility of companies alone. Each internet user is responsible in large part for their personal online security. But a data breach that targets an organization is different. Data breaches occur when cyber criminals penetrate a company’s cybersecurity measures, exposing confidential, sensitive, or protected information to an unauthorized person. When a data breach happens, it’s usually because a company lacked sufficient security, or somebody at the company breached security protocols.
Like other types of cybercrimes, data breaches are on the rise. During the first quarter of 2023, more than six million data records were exposed worldwide through data breaches.
Not only are data breaches becoming more prevalent, but more complex, pervasive, and damaging. They’re also getting harder to detect. It’s typical for a company that suffers a data breach to not become aware of the breach for many months. In fact, according to IBM, the average time to identify and contain a data breach is 280 days.
Milberg’s Data Breach Practice Group
Milberg’s Data Breach Practice Group attorneys are among the most respected in the United States, with extensive experience serving as leadership in numerous privacy class actions involving some of the largest data breaches in the country.
Our Data Breach Practice Group attorneys litigate class action lawsuits alleging massive data breaches and other violations of consumers’ personal and data privacy. Milberg attorneys have spearheaded many highly technical cases, successfully advanced novel legal theories to protect consumers from ever-evolving cyber security and data privacy threats, and recovered hundreds of millions of dollars in compensation for data breach victims.
Notable Cases & Recent Recoveries
- In re: Equifax, Inc. Customer Data Breach Litigation – Served on the Plaintiffs’ Steering Committee; Equifax agreed to pay up to $700 million to consumer and states to settle this data breach class action— The largest ever settlement for a data breach.
- In re: Yahoo Inc. Customer Data Security Breach Litigation – Appointed as one of five members of the Plaintiffs’ Executive Committee in a data breach lawsuit against Yahoo – The class action settlement created a $117.5 million fund to pay for credit monitoring services, identity protection, and out-of-pocket losses.
- Carrera Aguallo v. Kemper Corp. – Served as lead counsel in a data breach class action involving 6 million consumers – Settlement valued at $17 million
- In re: Target Corporation Customer Data Security Breach Litigation – Represented a class of over 10 million Target customers whose personal information was stolen or compromised – The case settled for $10 million and individual consumers could recover losses up to $10,000.
- In re: Anthem, Inc. Data Breach Litigation – Served as plaintiffs’ counsel in a data breach class action lawsuit against Anthem for exposing the personal information of 79 million consumers – The settlement created a $115 million cash fund, delivered more than $500 million in value to the class, and required extensive injunctive relief to prevent a future breach.
- Torres, et al. v. Wendy’s International, LLC – Acting as plaintiffs’ counsel, represented Wendy’s customers over a 2016 data breach – Helped secure a $3.4 million settlement
- Pagan, et al. v. Faneuil, Inc. – Acted as class counsel in a data breach class action lawsuit against business outsourcing solutions provider Faneuil, stemming from a ransomware attack that was discovered in August 2021 – Final approval granted
- Webb v. Injured Workers Pharmacy, LLC – Milberg obtained an important victory at the First Circuit reversing the trial court’s dismissal of a data breach class action on grounds of standing – The first decision from the First Circuit to address these issues of first impression