Data breaches are a hot topic right now. Before you can delve into the intricacies of data breach issues, you need a basic understanding of what a data breach is.
Our data breach lawyers at Console & Associates, P.C. provide guidance to victims of data breaches, helping them understand how to best protect themselves and, where appropriate, how to effectively bring a claim against a company for leaking their information. We offer free consultations to data breach victims, during which we will explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case.
Data breach simply means that data, or information, stored on a computer network is breached, or accessed by an unauthorized user.
Companies and organizations of all kinds store data about their customers. Most organizations keep customers’ identifying information, including names, phone numbers, mailing addresses, email addresses, and any customer numbers or account numbers. A company that processes financial transactions may store financial data, including credit card numbers and bank account numbers. A medical facility or a pharmacy may retain private medical information and insurance information. Often, by doing business with an organization—such as making a purchase, receiving medical care, or signing up for rewards programs—you agree to allow the organization to store and use your data.
In a data breach, this information is accessed by someone who isn’t authorized to have it. Breaches may occur through hacking, malware (malicious software), fraud, theft of devices or printed paper, or even through human error on the part of an organization’s employees. If an unauthorized person or party is able to view, capture, download, or store the information, the data can be considered to have been breached.
If you are the victim of a data breach,
we are here to help.
There are plenty of legitimate reasons why a company or organization would store this data. Companies may contact you to send you marketing offers, bill you for purchases or services, or keep track of promotional credits and rewards. Medical facilities need to keep records of your visits, diagnoses, test results, and treatments. Even employers must store data pertaining to their employees to pay salaries, administer benefits, and comply with tax laws and other regulations.
The problem is that someone who gains unauthorized access to this information—like a hacker or cybercriminal—can use this data in many malicious ways. For example, if the identifying information and financial information stored in a company’s networks wind up in the wrong hands, a cybercriminal could use them to commit identity theft.
A data breach is important primarily because of the harm that a malicious user can do with your sensitive information. Identity theft can cost you thousands of dollars, and some particularly unfortunate victims may even lose their entire life savings.
Someone else’s irresponsible use of your credit can tank your credit score. Having bad credit can cost you opportunities for financing when you need it. Credit scores are used in so many aspects of life that the damage done to your credit by an identity thief may even make it harder to get a competitive insurance premium rate, rent a home, or get a new job.
If the identity thief commits other criminal offenses using your identity, you could end up facing criminal charges because of their actions. Sorting out that mess can take a great deal of time and be a big hassle, especially if you are arrested and held in custody in connection with these charges.
Data theft is somewhat different from identity theft, but they are related.
Data theft occurs when data, or information, has been downloaded, illegally transferred, or otherwise accessed and captured by an unauthorized party or for unauthorized purposes. A hacker may commit data theft, but so can an employee of an organization who copies stored data for malicious or unauthorized purposes.
Anyone who has received a data breach notification letter may be considered a victim of data theft, but that does not mean that they are a victim of identity theft—not yet, at least.
Identity theft occurs when someone actually uses another person’s identifying information fraudulently or without their permission. For example, the identity thief may withdraw money from your accounts or take out loans in your name.
A data breach does not always mean that identity theft is imminent, but it does mean that you should be wary. Your personal, sensitive information may already be in the hands of someone with malicious intent.
A data breach lawsuit is a legal action that victims of data theft may be able to take.
It’s not uncommon for the individuals behind a data breach to get away with their crime without being identified. The good news is that your ability to pursue a data breach lawsuit doesn’t depend on the hacker who illegally accessed private information being charged, in custody, or even identified. Instead, data breach lawsuits are legal actions against the company or organization that allowed your information to be accessed by unauthorized users.
Often, cybercriminals attack the computer systems and networks of organizations that have inadequate security measures in place. Although the hacker who broke into a private network to steal others’ data broke the law in doing so, the organization may share some of the blame for the data security incident by being negligent in its computer security measures. Cyber crime and hacking are known dangers for modern organizations, which must take proactive action to keep secure the data that has been entrusted to them.
Data breach lawsuits are civil, rather than criminal, legal actions. In a data breach lawsuit, the individual who has been a victim of data theft may seek financial compensation from an organization that can be shown to have been negligent in its efforts (or lack thereof) to protect the data in its possession from unauthorized access.