Data breaches have become a regular fixture in the headlines, most noticeably when a multinational corporation suffers a breach that affects thousands or even millions of victims. But whether someone’s personal data was compromised in a breach involving the theft of millions of credit card numbers from a massive retailer or in a smaller breach like an employer leaking its employees’ personal information, the harm can be staggering.
In response, some states have begun to take action. New state laws protect personal data by requiring organizations, big and small, to safeguard the data with which they’ve been entrusted. When organizations fail to meet those standards, data breach victims can often sue for damages. For example, the “California Consumer Privacy Act” requires organizations to take “reasonable security measures” to safeguard personal data, or face liability if they do not. Laws in all 50 states provide avenues through which individuals can seek recourse when their data is stolen from an organization that failed to adequately protect it. Laws in all 50 states also require that organizations notify the victims of a data breach when it occurs, so those individuals can take action to protect themselves.
Data breaches have a variety of effects on the people whose information is stolen. Some people may suffer identity theft or experience fraudulent charges to their credit cards or withdrawals from their bank accounts. Others, however, may find that their personal information is never used at all, and the only consequence is the unease of knowing that their information is out there somewhere, unsecured. While some people react to a data breach by closely monitoring their credit reports and finances—or purchasing a service to do it for them—others adopt a wait-and-see approach. But no matter what kind of consequences someone experiences from a data breach, or the steps they have taken to address it, affected individuals may still be entitled to some recourse for having had their data stolen.
Lawsuits brought in the wake of data breaches have found traction in the courts. Earlier this year, a class representing over 70 million customers of a large telecom provider reached a settlement with a total value of approximately $500 million. Another lawsuit, brought by customers of a big box store, settled for a total value of $17 million. Federal workers who had their employment data compromised in a breach reached a settlement valued at around $65 million. Under these sorts of settlements, people whose data was involved in a breach can receive cash payments, reimbursement for time and money spent protecting themselves from the fallout of the breach, and services, such as identity theft protection and insurance.
For more information on the options available to you following a data breach, email us at info@mselaborlaw.com, or call (202) 833-8855 to set up a free consultation with one of our attorneys, or click the Contact Us form in the menu header above.
