At Girard Gibbs LLP, our attorneys have represented people across the country whose privacy rights have been violated. We represent these people in a legal proceeding known as a class action lawsuit, which allows many people who were subject to the same privacy violation to join together to bring legal claims for violations of their rights.
If you have a question about one of the cases below or would like to discuss a potential case with one of our privacy lawyers, please complete the form to the right or call us toll-free at (866) 981-4800.
Girard Gibbs’ data breach attorneys are among those representing the patients, health care providers, and consumers affected by a massive data breach at Banner Health in the summer of 2016. Bann Health announced the breach on August 2, 2016, saying that the breach may have exposed the personal health and other sensitive information of up to 3.7 million individuals. Banner stated that the hackers gained access to its medical records network through certain computer servers, including the servers that process payment card information where food and beverages were sold.
On March 4, 2016, 21st Century Oncology Holdings confirmed a massive cyberattack affecting as many as 2.2 million patients and employees throughout the country. It is being reported that the Florida-based cancer clinic was aware of this data breach as early as November 13, 2015.
Our data breach attorneys are investigating reports about a potential data breach at Wendy’s fast food restaurants. Both Wendy’s customers and local credit unions have reported a pattern of unusual credit card activity in certain Wendy’s stores, leading to fraud, including unauthorized charges or debits in customers’ accounts.
Experian credit bureau announced on October 1 ,2015 that one of its business units was hacked by “an unauthorized party,” leaving the personal information of 15 million T-Mobile wireless subscribers and potential customers exposed. The hackers gained access to customers’ names, Social Security numbers, home addresses, birthdates, passport identification numbers, driver’s license numbers, and other personal information. Experian states that “no payment card or banking information was acquired” in the data breach.
On September 9, 2015, Excellus BlueCross and BlueShield announced that it was targeted in a cyberattack in which the personal information of more than 10 million people was exposed. According to Excellus, attackers could have accessed information including names, dates of birth, Social Security numbers, addresses, financial account information, and even medical claim information. According to an article by Wired, Excellus spokesperson Kevin Cane stated that the breached financial information also included credit card numbers.
On June 5, 2015, the United States Office of Personnel Management (“OPM”) notified approximately 4 million federal employees its computer systems had been hacked and their personally identifiable information may have been stolen. According to reports, hackers may have gained access to unencrypted names, addresses, social security numbers, telephone numbers, financial and medical records, foreign trips taken, children’s and relative’s names, names of neighbors and close friends, and more. OPM maintains records for current, former, and prospective federal employees. Recent reports indicate at least 14 million people may actually be affected.
On June 4, 2015, the Office of Personnel Management (“OPM”) announced it would notify approximately four million current and former federal applicants and employees that its software system had been hacked and employees’ personal identifiable information (“PII”) had been stolen. In order to access the OPM’s database, hackers stole valid user credentials. By using credentials to get into the software system, hackers could sneak data out of the network over the Internet, hiding its activity internally among normal traffic. OPM has placed the blame on KeyPoint, a private OPM contractor that handles federal background checks, stating that hackers “leveraged a compromised KeyPoint users credential to gain access to the OPM network.”
On March 17, 2015, health insurer Premera Blue Cross announced that it had fallen victim to a “sophisticated cyberattack,” potentially exposing the personal information of up to 11 million Premera members. According to the company, hackers may have gained access to members’ addresses, email addresses, telephone numbers, Social Security numbers, member identification numbers, bank account information, and medical claims information, including clinical information. Additionally, the email addresses, Social Security numbers, and bank account information of any non-members conducting business with Premera may have been exposed.
On February 9th, 2015, Girard Gibbs LLP filed a federal class action lawsuit against Anthem, Inc. on behalf of all current and former Anthem members and employees whose personal information was compromised as a result of the data breach announced in February 2015. The lawsuit alleges that Anthem failed to maintain reasonable and adequate security measures designed to prevent the attack or detect unauthorized network activity. It also alleges that Anthem failed to encrypt its members’ data.
On May 26, 2015, the Honorable Lucy H. Koh of the U.S. District Court for the Northern District of California certified a national class and a California subclass in the case of In re Yahoo Email Litigation. The national class includes all persons in the United States who are not Yahoo Mail subscribers and who emailed with Yahoo Mail subscribers from October 2, 2011 to the present, or who will email with a Yahoo Mail subscriber in the future. The California class includes all persons in California who are not Yahoo Mail subscribers and who emailed with Yahoo Mail subscribers from October 2, 2012 to the present, or who will email with a Yahoo Mail subscriber in the future. The classes were certified under the federal Stored Claims Act (SCA) and California Invasion of Privacy Act (CIPA). The plaintiffs allege that Yahoo illegally scans and analyzes emails sent by non-Yahoo email subscribers to Yahoo email subscribers without first obtaining the senders’ consent, and uses the scanned data for advertising purposes.
On March 8, 2016, the Court preliminarily approved a settlement reached between Home Depot and the consumer plaintiffs in In re The Home Depot, Inc., Customer Data Security Litigation, No. 1:14-md-02583-TWT. The Court found that the settlement was fairly negotiated between the parties’ counsel and that it is fair and reasonable. Class members will be notified about the settlement by e-mail or mail by May 2, 2016.
Adobe Systems, Inc. announced a data breach which affected an estimated 2.9 million accounts, on October 4, 2013. The company was the target of a cyber-attack during July and August, 2013, in which customer information and source code for some of its products were compromised. The stolen customer information included user names, passwords, credit or debit card numbers and expiration dates.
On October 10, 2014, Kmart confirmed that its payment systems were breached, compromising its customers’ credit card and debit card information. According to Sears, which owns Kmart, the security breach potentially impacts customers who shopped in Kmart retail stores during the period of early September 2014 through October 9, 2014. It is still unclear at this time how many customers are affected. However, there are approximately 1,200 Kmart stores throughout the United States.
On November 24, 2014, Sony Pictures Entertainment took its computer systems offline after a group of hackers breached the company’s network. The group that has claimed responsibility for the breach, Guardians of Peace, hacked into Sony Pictures’ computer systems, preventing staff from logging into their computers or accessing their corporate email accounts. The LA Times reported that the hackers warned Sony Pictures that they had obtained, and planned to release, internal company information. At the time, it was unclear what information had been taken, and cyber security experts said little was known about the hackers.
On August 14, 2007, Girard Gibbs filed a class action complaint in federal court in Los Angeles against Certegy Check Services and other defendants based on the breach of consumers’ confidential financial data. Other cases were filed by consumers in other states against Certegy based on similar allegations.
On December 10, 2013, Honorable Judge David Brown granted preliminary approval of a class action settlement in the Health Net data breach lawsuit. Filed in 2011, the lawsuit alleged that Health Net violated medical privacy laws when certain server drives that contained personal, medical, and/or financial information of patients went missing.