It’s only April, but 227 data breaches have already exposed more than 6.2 million records this year, according to the Identity Theft Resource Center (ITRC). The number of breaches is 10% higher compared to this time last year, when there were 781 breaches exposing more than 169 million records.
A data breach occurs when an unauthorized person (hacker) gains access to confidential information for personal or political gain. Data breaches frequently lead to identity theft and financial losses. They have become increasingly common over the past several years, to the dismay of consumers.
The most notable breach this year (so far) involved fast food giant Wendy’s, which discovered malware on several locations’ systems. Many customers reported suspicious activity on the credit and debit cards they used at these locations. An Orlando man then filed a class action lawsuit against Wendy’s after his card was used by a thief for nearly $600 worth of purchases.
Krebs on Security reports that the financial losses sustained by credit unions from the Wendy’s breach will exceed that of the recent high-profile Target and Home Depot breaches. One credit union CEO hypothesized that the losses could be five to ten times higher than those incidents’.
Krebs also noted that one credit union is already halfway to its average annual total in fraud losses: another terrible omen for consumer security in 2016.
Over 100 Million Records Exposed Abroad
Data breaches are a growing crisis not just in the U.S. but abroad. Last week, a hacker exposed data on 50 million Turkish citizens, including their dates of birth, addresses, and the Turkish equivalent of social security numbers. He appears to have acted for political reasons, based on the following statements:
Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure? Do something about Erdogan! He is destroying your country beyond recognition.
The hacker also said “we” shouldn’t elect Donald Trump, who “sounds like he knows even less about running a country than Ergodan does,” suggesting the hacker is American.
This incident is one of the largest data breaches in history. The 50 million citizens account for more than half of Turkey’s entire population.
Incredibly, last week also saw a breach of the Philippines’ Commission on Elections (COMELEC), which exposed the data of 55 million voters. The “hacktivist” group Anonymous was supposedly responsible, as it warned the Filipino government to shore up its cyber-security in March.
Both the Turkish and Filipino governments downplayed the breaches, saying nothing of significance was stolen or revealed to the public.
Companies Pay Millions to Settle Data Breach Lawsuits
These data breaches can cost companies millions. When a company fails to exercise reasonable care in protecting their customers’ information, and a breach occurs, affected consumers may be able to file a class action suit against the company.
For example, Home Depot agreed to pay $19.5 million to consumers after its data breach: $13 million to reimburse shoppers for losses and $6.5 million toward identity protection services. Theirs is just one of many multimillion-dollar settlements that have been reached after large-scale data breaches:
- Sony (PlayStation network breach): $15 million
- Target: $10 million
- Sony (employee information breach): $8 million
- Stanford University Hospital and Clinics: $4.1 million
- AvMed Inc.: $3.1 million
- Vendini: $3 million
- Schnuck Markets: $2.1 million
- LinkedIn: $1.25 million
In general, companies much prefer settling cases out of court versus going to trial. But that is especially true with data breach lawsuits, because there is almost no court precedent for these kinds of cases. Companies like Home Depot and Sony have no idea what would happen if they went to trial to fight a data breach suit, which is a scary prospect.
Neiman Marcus Ruling Bodes Well for Data Breach Suits
That fear was heightened last summer when a panel of judges ruled that the Neiman Marcus data breach lawsuit (which had previously been thrown out) could proceed. The panel determined that it was reasonably likely that the plaintiffs would suffer injuries from the theft of their personal and financial data.
It’s a significant ruling because it means that the potential for theft or financial loss is legitimate grounds for a suit, even if said theft or loss has yet to occur. In other words, the Neiman Marcus case bodes well for the plaintiffs in current and future data breach lawsuits.
The Best Firm for Data Breach Victims
Our attorneys are currently investigating exactly these kinds of lawsuits. At Morgan & Morgan, we are dedicated to helping consumers hold companies accountable for these invasive data breaches. We have a long and successful history of battling large corporations—and winning. Against Big Tobacco, we won $90 million in verdicts and settlements.
If your credit card information, social security number, or other private information was stolen in a data breach, and you suffered financial harm as a result, we would like to hear from you. For a free consultation, complete a free, no-obligation case review today.