law
Laws

Data breach Lawsuits – Why Clients May Not Want to Fight Them

When you hear the words “data breach lawsuit” do you imagine a litigator in white-hat gear going into a company’s offices and swinging a huge stick to shake the door of a server room and making everyone look like they just had to duck? Sadly, that image is commonly associated with a legal case in the extreme minority of cases involving data breach lawsuits. Data breaches typically result from computer crimes, poor business practices, human error, and other hazards, rather than from a proverbial “microwave” leak. But even in those cases, data breach lawsuits can drag companies into court if they do not act fast enough to protect themselves from harm.

Most litigation involving data breach lawsuits is brought on the basis of one fact:

The information involved was confidential or privileged. In other words, this type of lawsuit is almost always initiated because the victim feels that he or she is the victim of a crime, and that the only way the law will take action against the perpetrator is if it can prove that the incident was criminal. In most states, the statute of limitations for civil suits against companies is one year. That means any lawsuit must be brought within a full year of the date of the incident, or else the plaintiff is barred from filing the suit at all.

Of course, there are times when the victim is not able to show that the incident constitutes a crime.

It is perfectly possible for a company to lose a significant amount of data without knowing it until it is notified by the attorney. A good example is the case of Microsoft. Microsoft recently paid over fifteen million pounds (over a billion US dollars) in UK data breaches claims but was alerted to the loss by an independent IT consultant. Microsoft was able to avoid the potential fines and possible legal action by quickly reacting to the alarm and undertaking urgent investigations.

Another example is the massive data breach lawsuits against Yahoo! and Hotmail.

The companies did not realize that an unknown hacker had obtained millions of user account passwords and logins. The victims of these leaks were unable to confirm whether their information had been compromised until after the fact and many cases of identity theft have been attributed to these kinds of data breaches.

The US government has recently put into place tougher regulations and rules for corporations and financial institutions that store consumer financial information.

The new regulations require these companies to perform security checks on their customers’ personal information each time they request it from a credit card company or a bank. They also require credit card companies and banks to inform their customers in writing if their data has been compromised. Some states, like California, have also passed laws requiring financial institutions to reimburse customers for any financial loss as a result of data breach lawsuits.

But it is not just the financial institutions that are at risk because of data breaches.

Any business that stores confidential information is at risk. For example, doctors’ offices store patient medical records at offsite locations. Businesses like credit card companies store confidential information on millions of accounts. If an employee of the store breaks this trust and starts using that account fraudulently, it can cause huge damage to the business. So if you believe that your data breach lawsuits may be heading towards a courtroom nearby, you may want to consult with an experienced lawyer to better understand your position.

Leave a Reply

Your email address will not be published. Required fields are marked *