Irvine Data Breaches Attorneys
Seeking Compensation When Your Privacy Has Been Compromised
Data breaches put the financial health of California consumers at risk. When criminals breach a database maintained by a retailer or a financial institution, their access to credit card or bank account numbers may subject consumers to fraudulent credit card charges or unauthorized withdrawals. Database breaches that expose other identifying information, including social security numbers and dates of birth, place consumers at risk of identity theft.
In addition to businesses and health care industries, government agencies and educational institutions are also regular targets of hackers.
According to the FBI, in 2017 California had the highest amount of consumer complaints about cyber crime that any other state. The California Department of Justice reports that 1.5 million Californians were the victims of identity theft in 2014, or nearly one victim every 2.5 seconds.
When your private information has been compromised, a class action lawsuit may be your best remedy. The Aegis Law Firm represents individuals in class actions who have been victimized by the unauthorized disclosure of data and by the theft of personal information during a data breach.
What Can Happen During a Data Breach?
If your identifying information or account numbers are stolen in a data breach, you may face harassment from debt collectors for charges you did not make. Identity theft can destroy your credit rating and harm your employability. If someone uses your identity during an arrest, you may end up with a criminal record. Undoing the damage is often an expensive, time-consuming task.
In California, any agency that maintains computerized data must notify any California resident if the agency has reason to believe the date was acquired by an unauthorized person. If you receive a notice and would like to learn more about your legal rights, the Aegis Law Firm can help.
Data breaches occur in a variety of ways. Common examples include:
- Hackers break into a database maintained on a company's servers.
- Someone who has gained unauthorized access to a company's computer downloads data from the computer to a flash drive.
- A thief steals a laptop that contains sensitive data.
- The sender of a “spoof email” or participants in a phishing scheme use a false identity to persuade someone to respond with confidential data.
- Company employees release passwords to company computers out of spite or in exchange for cash.
Largest Data Breaches of 2018
Examples of some of the largest data breaches in 2018 include:
- British Airways - 380,000 affected - A criminal hack took place on the airline's website and app that affected bookings made by credit cards.
- Orbitz - 880,000 affected - Personal data such as credit card information, addresses, and phone numbers were stolen when hackers accessed the travel-booking website.
- SingHealth - 1.5 million affected - Hackers coordinated a well-planned attack on the Singapore government's health database. Apart from getting hold of patient's medical history and the medicines used, information regarding the health of prime minister of Singapore was specifically targeted.
- T-Mobile - 2 million affected - An international group of hackers accessed T-Mobile servers through an API and got hold of personal data and passwords of the users.
- myPersonality - 4 million affected - The Facebook app mishandled the data of their user by sharing information with ‘third-parties' with only limited protection.
- Saks and Lord & Taylor - 5 million affected - A hacking group announced it had access to credit card information of more than 5 million customers from the Saks and Lord & Taylor database. More details regarding the misdemeanor were never shared with the public.
- Shelm.com - 6.42 million affected - A cyber attack was carried out on the online store that compromised login details of the customers.
- Cathay Pacific Airways - 9.4 million affected - Passenger data including 860,000 passport numbers, 245,000 Hong Kong identity card numbers, 403 expired credit card numbers, and 27 credit card numbers without card verification value were accessed through unlawful means.
- Careem - 14 million affected - Hackers gained access to the system that contained sensitive information regarding the customer and drivers of the ride-hailing service.
- Timehop - 21 million affected - Hackers accessed the cloud computing account of the Timehop website and got hold of personal information including names, email addresses, and phone numbers of the subscribers.
- Ticketfly - 27 million affected - A hacker accessed the website and gained access to information about the clients and promoters that utilized Ticketfly's services.
- Facebook - 29 million affected - Hackers made use of the vulnerabilities in the Facebook's code and gained full access to user's data that included sensitive information such as user's location, relationship status, devices used and recent searches.
- Chegg - 40 million affected - Unauthorized access was gained on the company's database that compromised data of consumers including their name, addresses, and login credentials.
- GooglePlus - 52.5 million affected - Wall Street Journal reported that a software glitch caused Google to expose data of over 500,000 users. The company experienced another security breach in November that compromised data of approximately 52.5 million users. After the recurrent hacking incidents, Google announced that it would shut down Google+ for good by April 2019.
- Cambridge Analytica – 87 million affected - A Facebook app “This is your digital life” mishandled users information and provided access to third parties including Cambridge Analytica, a data analytics firm that assisted President Trump in creating targeted ads during his presidential campaign. According to data by Facebook, 270,000 users use the personality prediction app. However, since Facebook allows data sharing, the app was able to gather data of millions of other users as well.
- MyHeritage – 92 million affected - Although not much information regarding the hack was disclosed, a company representative admitted that their database of email addresses and passwords was found on a private server.
- Quora - 100 million affected - A ‘malicious' third party gained access to the Quora's system and retrieved account information of user accounts.
- MyFitnessPal –-150 million affected - Hackers gained access to user-data through illegitimate ways and got hold of confidential account information including addresses and passwords.
- Exactis - 340 million affected - A security expert found a vulnerability in the publicly accessed server that exposed detailed information of many US citizens. The information compromised included phone numbers, addresses, and personal preferences of the members.
- Marriott Starwood hotels - 5 million affected - Hackers accessed the reservation database of the hotel and copied guest information including phone numbers, email addresses, passport numbers, and even credit card numbers.
- Aadhar - 1.1 billion affected - Aadhar, the Indian government portal for storing information of its residents and biometric information experienced a leak that gave anyone the access to obtain information from the Aadhar website. The compromised information included names of the Indian residents, their ID card numbers, and bank accounts.
Source: https://www.digitalinformationworld.com/2018/12/biggest-data-breaches-of-2018.html (Aug. 31, 2019)
Data Breach Class Action Lawsuits
A recent analysis found that most class action lawsuits for data breaches are filed against a few companies involved in well-publicized cases. That may be because only a small percentage of data breaches are publicly reported. Some companies never tell consumers that their data has been compromised. Other companies convey that information quietly and urge consumers to keep the breach confidential.
When individuals become aware that they are the victim of a data breach, their rights can often be vindicated in class action lawsuits. The laws upon which the lawsuits will be based depend on the facts of the case. In some cases, the lawsuit is based on a company's delay in reporting the breach to the consumer, which deprives the consumer of the ability to take prompt protective action. In some cases, the lawsuit is based on the company's negligence in failing to guard against the breach. Other cases are based on a breach of the contract between the company and the consumer. Lawsuits may also be based upon violations of:
- California laws governing fraud and unfair competition.
- California's Data Security Breach Reporting Law.
- California's Confidentiality of Medical Information Act.
- The Family Education Rights and Privacy Act.
- The Stored Communications Act.
- The Fair and Accurate Credit Transactions Act.
- Banking regulations involving cybersecurity.
- Federal privacy laws that regulate federal agencies.
The Aegis Law Firm can evaluate your case and advise you about the laws that give you the best chance of obtaining a class action remedy if your private information was disclosed or stolen.
Call our Irvine data breach attorneys today at (800) 543-4829.
I absolutely love Aegis Law Firm!- Ty H.
The professionalism you will receive from Aegis Law Firm is unmatched.- Ali I.
Kashif Haque is truly the most professional and efficient lawyer I have ever dealt with.- Jessica T.
Aegis Law Firm's staff are extremely professional and very nice.- Jas G.
I highly recommend Aegis Law Firm!- Syl S.
$9 Million Food Manufacturer Case
$8.5 Million National Clothing Retailer Case
$5.5 Million Restaurant Chain Case
$5 Million Grocery Store Chain Case
$4.75 Million Fast Food Chain Case
$4.1 Million Fast Food Chain Case
$4 Million Toy Retailer Case
$3.775 Million Assisted Living Company Case