DATA BREACH & DATA LOSS NEWS – TOP STORIES

Our firm represents the victims of data breaches and data losses.  Personal identifying information is a commodity.  Your personal information can be sold just like illegal drugs on the street.  Companies and government agencies have a duty to protect your personal identifying information. If your personal information is taken or lost, you may be at risk for identity theft.   

What is a data breach?  A data breach occurs when  information is taken without authorization, or an otherwise legal purpose.  For example, a data breach occurs when a hacker accesses a computer network and downloads personal identifying information. Another example of a data breach is when an employee, without authorization, accesses customers/patients’ personal identifying information or financial information for an unlawful purpose.

What is a data loss?  A data loss occurs when personal identifying information, such as your name, date of birth, address, email, or PIN, is lost by a person entrusted with the safekeeping of your information.  Most often, the “person” is a business or government agency.  For example, a data loss occurs when a company loses backup tapes or can’t account for the whereabouts of personal identifying information.   

Here are some of the reason data breaches or data loss events we are following:

LinkedIn Data Breach Class Action filed – An Illinois woman filed a class action suit against LinkedIn.  The class action complaint alleges LinkedIn broke its own privacy policy when it allowed hackers to access over 6 million passwords.  The plaintiff, Katie Szpyrka, is a LinkedIn user.  The lawsuit was filed in the Northern District of California and cites the National Institute of Standards and Technology Checklists as guidance for avoiding SQL injection attacks.   LinkedIn reported the attack was made by Russian hackers.  Erin O’Harra, a spokesperson for LinkedIn, predictably, stated, “We have no reason to believe that any LinkedIn member has been injured.”  Full Story. 
 
Stratfor Data Breach Class Action – Austin, Texas-based data security firm is about to settle a class action lawsuit.  The settlement, if approved, will include credit monitoring for more than 75,000 victims.  The data breach occurred last year when hackers from the group Anonymous accessed   the names, addresses, credit card numbers and emails.  In all, it is estimated that the hackers obtained over 90,000 credit card numbers in the attack.  Full Story.

FTC Sues Wyndham Over Data Breaches – According to a lawsuit filed in federal court in Arizona by the Federal Trade Commission (FTC), hackers stole personal information from hundreds of thousands of Wyndham, and three of its subsidiaries, customers.  The FTC alleges Wyndham stored card data in plain text.  The data was stolen by Russian hackers from Wyndham’s Phoenix data center.  Victims suffered more than $10 million in fraud losses.  The FTC further alleges Wyndham failed to use firewalls and remedy known security vulnerabilities.  Full Story.

International Arrests Made in Cybercrime Wave – Over twenty people have been arrested in an international investigation of cybercrime.  “Operation Card Shop” has been ongoing for the last two years.  The investigators pursued persons involved in the sale of stolen credit card data.  The stolen information was exchanged online.  In all, the FBI identified over 400,000 stolen credit cards and debit cards.  The FBI estimates the arrests prevented over $200 million in additional losses.  Full Story.   

Have you received a data breach or data loss notification letter?  Under the Fair Credit Reporting Act (FCRA), consumers have the right to get their credit reports from consumer reporting agencies due to fraud or identity theft.  Consumers also have the right to dispute, for free, any incorrect information on their credit reports.  The FCRA provides consumers with a private cause of action if the credit reporting agencies violate the law. 

Before you sign any papers or sign up for credit monitoring, you should contact a data security attorney to discuss your rights.  Contact data security attorney Micah Adkins at 1-800-263-9091 24/7 for a free case review.  Or, use the contact form below.

[contact-form] [contact-field label=”Name” type=”name” required=”true” /] [contact-field label=”Address” type=”address” required=”true” /] [contact-field label=”Email” type=”email” required=”true” /] [contact-field label=”Telephone Number” type=”text” required=”true” /] [contact-field label=”How can we help you?” type=”textarea” required=”true” /] [/contact-form]