Technology, Privacy & Data Breach

These are cases filed on behalf of individuals whose personal information was stolen or misappropriated in data breaches.

Common breaches involve the theft of Social Security numbers, banking information, credit card numbers, medical information, or other sensitive information that can be used to commit identity theft.

Data breaches are most often committed by computer hackers. They may also be committed by a company’s own rogue employees.

Identity thieves use stolen personal information to commit a variety of frauds including taking out loans in another person’s name, opening financial accounts in another person’s name, incurring fraudulent credit card charges, filing a fraudulent tax return using the victim’s information, obtaining medical services using the victim’s information, using the victim’s identity to obtain government benefits, obtaining a driver’s license or identification card in the victim’s name but with another person’s picture, or giving false information to police during an arrest.

Data breach class actions seek many types of relief, including:

• Reimbursement of identity theft losses;
• Reimbursement of out-of-pocket costs that victims paid for protective measures such as credit monitoring services, credit reports, credit freezes, etc.;
• Recovery of overpayment of the purchase price for the company’s products or services where a portion of the purchase price was intended to fund adequate data security;
• Compensation for time spent responding to the breach;
• Providing credit monitoring services and identity theft insurance, paid for by the defendant company; and
• Making improvements to the company’s data security systems.

By law, companies subjected to a data breach typically must notify affected individuals about the breach. Notice is often sent by mail or e-mail.

If you receive notice that your personal information was compromised in a data breach, and you are interested in pursuing a class action, please contact us to evaluate your case.

Berger Montague has been involved in many data privacy class actions, including the following:

In re MOVEit Customer Data Security Breach Litigation, 1:23-md-03083 (D. Mass.). Firm was appointed co-lead counsel in one of the largest data breach MDLs in history, a case involving 200 defendants and over 93 million impacted individuals, and has successfully defeated a partial motion to dismiss.

In Re: Change Healthcare, Inc. Customer Data Sec. Breach Litig., No. 24-md-03108 (D. Minn) Co-lead counsel representing hundreds of thousands of medical providers whose practices were decimated by Change’s shutdown in the wake of a breach.

In re Experian Data Breach Litigation, No. 15-cv-1592 (C.D. Cal.). Firm served on the Executive Committee and assisted in obtaining a $170 million settlement which included a $22 million non-reversionary cash settlement fund as well as remedial measures and two years of free credit monitoring and identity theft insurance.

In re: MGM Resorts International Data Breach Litigation, No.: 2:20-cv-00376 (D. Nev.). Firm was appointed co-lead counsel in this data breach class action affecting tens of millions of consumers which recently achieved preliminary approval of a $45 million settlement.

In re Heartland Payment Systems, Inc. Customer Data Security Breach Litigation, No. H–10–171 (S.D. Tex.). Firm was appointed to Plaintiff’s Steering Committee in class action for data breach involving 100 million credit and debit card numbers. The case settled in 2011 for a cash fund to reimburse out-of-pocket costs, and injunctive relief.

In re Target Corp. Customer Data Security Breach Litigation, No. 14-2522 (D. Minn.). Executive Shareholder E. Michelle Drake was appointed liaison counsel and helped achieve a settlement on behalf of a class of approximately 100 million consumers upheld by the Eighth Circuit.

In re: Capital One Customer Data Security Breach Litigation, No. 1:19-MD-02915 (E.D. Va.).  Firm assisted co-lead counsel in class action for data breach impacting 98 million individuals—was the only firm to whom co-lead counsel allocated a multiplier on its time as a result of the value the Firm’s work provided to the litigation.

In re: American Medical Collection Agency, Inc. Customer Data Security Breach Litig., No. 19-md-02904 (D.N.J.). Firm was appointed to the Plaintiff’s Steering Committee in the Quest Diagnostics track, which is the largest track in the coordinated MDL proceedings in this class action for a data breach impacting over 20 million patients of various medical labs.

Beckett v. Aetna Inc., No. 2:17-cv-03864-JS (E.D. Pa.). Firm served as co-lead counsel and obtained a $17.1 million settlement in this lawsuit in which the plaintiffs alleged Aetna violated the privacy rights of thousands of its customers by exposing their private and confidential information regarding prescriptions for HIV medication.

In re Countrywide Fin’l. Corp. Customer Data Security Breach Litig., MDL 1998, No. 08-MD-01998-TBR (W.D. Ky.).A Countrywide employee was arrested for stealing and selling Countrywide customers’ Social Security numbers, bank account information and other sensitive data. The case settled in 2010 for benefits including a $6.5 million cash fund to reimburse out-of-pocket losses for 17 million individuals; two years of credit monitoring offered to 1.9 million individuals; and improvements to Countrywide’s data security systems. Berger Montague served on the Plaintiffs’ Executive Committee.

In re GEICO Customer Data Breach Litigation, No. 21-cv-2210 (E.D.N.Y.). Firm was appointed co-lead counsel in privacy class action alleging GEICO voluntarily disclosed millions of consumers’ drivers’ license numbers on its website in violation of the federal Drivers’ Privacy Protection Act.

In re: Hannaford Bros. Co. Customer Data Sec. Breach Litig., MDL 1954, No. 08-md-01954 (D. Me.). Firm assisted lead counsel in class action for data breach involving 4 million credit and debit card numbers.

In re MAPFRE Data Disclosure Litigation, No. 1:23-cv-12059 (D. Mass.). Firm was appointed co-lead counsel in privacy class action alleging MAPFRE voluntarily disclosed millions of consumers’ drivers’ license numbers on its website in violation of the federal Drivers’ Privacy Protection Act.

Lurry v. Pharmerica Corp., No. 3:23-cv-00297 (W.D. Ky.). Firm was appointed co-lead counsel in class action for data breach involving over 5.8 million individuals.

Shackelford v.Regents of the Univ. Of Minn., No. 27-CV-23-14056 (Minn. Dist. Ct., Henn.Cnty.). Firm was appointed to plaintiffs’ steering committee in data breach involving 7 million consumers.

In re TJX Retail Securities Breach Litigation, No. 1:07-cv-10162-WGY (D. Mass.). Firm was appointed lead counsel and obtained a settlement valued at over $200 million in this multidistrict litigation on behalf of consumers whose personal and financial data were stolen by computer hackers from TJX Companies, Inc. (“TJX”).

In re: Anthem, Inc. Data Breach Litig., MDL 2617, No. 15-MD-02617 (N.D. Cal.). Hackers stole 80 million insureds’ personal information including Social Security numbers and other sensitive information. Many plaintiffs experienced misuse of their personal information after the breach. The case settled in 2018 for benefits valued at $115 million, representing the then-largest data breach settlement in history. Settlement benefits included reimbursement of identity theft losses and other out-of-pocket costs; credit monitoring services and identity theft insurance for two years, paid for by Anthem; and substantial improvements to Anthem’s data security systems. Berger Montague assisted lead counsel throughout the litigation.

In re: Medical Informatics Engineering, Inc. Customer Data Security Breach Litig., MDL 2667, No. 15-md-02667 (N.D. Ind.). Hackers stole medical and personal information for four million individuals from a medical records company. The case settled in 2018 for benefits including compensation for out of pocket losses and time spent responding to the breach; three years of credit monitoring and identity theft insurance; and improvements to the defendant’s data security practices. Berger Montague assisted lead counsel throughout the litigation.

Berger Montague is the rare class action firm that has tried and won multiple class action jury trials. We have the expertise to bring our cases to trial if meaningful settlements cannot be reached earlier in the litigation.

We are one of the largest class action law firms in the U.S. With more than 60 attorneys, we have resources to staff large and complex cases as well as smaller but equally important matters. Having a deep bench of attorneys is critical to effectively litigating class actions, which generally take several years to resolve.

We have a 50-plus year history, much longer than the vast majority of class action firms. With our thorough understanding of class actions, we litigate our cases from a position of strength, using time-tested insights and proven approaches. Throughout our decades-long history, we have cultivated strong relationships with other class action firms, with whom we partner in most of our cases.