Data Breach Class Actions

Data Breach Class Actions Are Surging: Cybersecurity Trends

Seems like I’m reporting on a lot of class actions lately. According to a report, federal data breach class actions are up 154% in the last year!

According to Daily Business Report (Data Breach Class Actions Surge Across US Federal Courts in Prior 12 Months, written by Michael A. Mora and available here), in June, plaintiffs attorneys filed more than 60 federal data breach class actions, a surge that is part of an overall trend over the last year, in which there have been an average of 33 of these suits per month, well above the 13-suit average in the 12 months prior to that, per Trend Detection.

“A year from now, we will be looking back at this data and thinking about the good ol’ days when only 33 cases per month were considered low,’” said Franklin Zemel, a Saul Ewing partner in Fort Lauderdale. Zemel co-chairs the first U.S. standing committee on cybersecurity and privacy law for the Florida Bar, in part, to counter the prevalence and impact of data breaches.


“Businesses must undertake an appropriate assessment of current security standards,” Zemel said. “I recommend that businesses engage appropriate legal counsel to serve as the point for such an assessment because it provides attorney-client and work product privileges to that process. Notably, once an attack has occurred, courts are finding that post-incident assessments may not be privileged.”

So far, there has been a 154% increase from the pre-trend average, with now over 399 cases in the U.S. District Court for the Southern District of Florida, and in federal jurisdictions in New York, California, Texas, Pennsylvania, and over a dozen additional states.

And law firms are not immune from becoming a prime target of data breaches, as reported by the American Lawyer and covered here. In June, a former employee of snack-food maker Mondelez sued Bryan Cave with a class action lawsuit in the Northern District of Illinois, alleging implied contract, breach of contract, unjust enrichment, and invasion of privacy. The plaintiff’s personal data, as well as the data of more than 51,000 additional former and current employees, was hacked from Bryan Cave’s computers in late February.

The Radar provides some terrific information, including the trends and a list of – and links to – the cases. Check it out here!

It’s only natural that, as data breaches are on the rise, data breach class actions would rise too. Another reason to take cybersecurity and incident response seriously.

So, what do you think? Are you surprised that data breach class actions are surging? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the authors and speakers themselves, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

One comment

Leave a Reply