As more and more of our personal information ends up online (either through our own actions or someone else’s) we must all be increasingly vigilant about taking the necessary steps to ensure our privacy from hackers. Businesses and website hosts need to be especially careful about protecting themselves from liability in the event of a data breach.
Class action lawsuits claiming damages against businesses that allegedly did not take the proper measures to protect against security breaches have been popping up with increasing frequency all over the country, but depending on the case, proving actual damages can be easier said than done.
Most, if not all, banks and credit card companies offer identity theft protection – for a fee. They’ll cover the costs of any unverified charges if your information gets stolen, but only if you pay them a monthly fee. The fee is usually around $5/month, but even that can be prohibitive for low-income consumers. As a result, most plaintiffs suing as a result of a data breach at least sue for the costs of purchasing identity theft protection.
Two recent examples of class action lawsuits involving data breaches were recently filed in New York and Illinois – the New York lawsuit was filed against Tempur Sealy and its website host, Aptos Inc.; the Illinois class action was filed against Barnes & Noble.
In the New York case, the lead plaintiff, Michelle Provost, alleges the companies failed to abide by best practices and industry standards in order to properly protect their customers’ sensitive information. Their failure to take the proper precautions allegedly resulted in a security breach in early 2016 that compromised the private information of Tempur Sealy’s customers, including payment information, email addresses, telephone numbers, and addresses.
The lawsuit further alleged that, once the breach had occurred, Tempur Sealy and Aptos Inc. had waited too long to notify customers that their information may have been compromised. Provost and her fellow plaintiffs are suing for violations of state consumer protection laws, state data breach laws, breach of implied contract, negligence, and unjust enrichment. The lawsuit is claiming actual and statutory damages, in addition to injunctive relief that would require Aptos Inc. and Tempur Sealy to maintain appropriate security measures from here on out.
A similar data breach lawsuit was filed against Barnes & Noble after customer information was taken from PIN pad terminals in 63 different stores located in nine different states. But the judge dismissed those claims, saying the plaintiffs failed to adequately claim any economic damages as a result of the breach, despite one plaintiff’s allegations that her bank account had been put on hold and she had needed to spend time with her bank and her local police to resolve the issue. The judge determined losing access to one’s bank account and the time lost speaking to professionals to sort out her finances were not sufficient to claim damages, even after she listed the minutes deducted from her cell phone plan that was used to communicate with the professionals.
Super Lawyers named Chicago class action attorneys Peter Lubin and Patrick Austermuehle Super Lawyers or Rising Stars in the Categories of Class Action, Business Litigation, and Consumer Rights Litigation. Lubin Austermuehle’s Illinois business trial lawyers have over thirty years of experience in litigating data breach, privacy, complex class action, copyright, non-compete agreement, trademark and libel suits, consumer rights and many different types of consumer, business and commercial litigation disputes including lawsuits between businesses or between shareholders and owners of the same business. Our Chicago and Naperville partnership dispute lawyers handle emergency business lawsuits involving copyrights, trademarks, injunctions, and TROS, covenant not to compete, franchise, distributor and dealer wrongful termination and trade secret lawsuits and many different kinds of business disputes involving shareholders, partnerships, LLC members, closely held businesses and employee breaches of fiduciary duty. We also assist businesses and business owners who are victims of fraud. You can contact us by calling at 630-333-0333. You can also contact us online here.