BackNine Data Breach

The Lyon Firm is actively filing class action data breach & data theft cases
Request a No-Cost & Confidential Consultation
Nationwide Success

Data Breach Attorney

Investigating backnine data breach & data theft claims

BackNine, a California-based tech company, has announced that hundreds of thousands of insurance applications that included sensitive information have been compromised in a data breach incident. A cyberattack allegedly occurred after one of the BackNine cloud servers was left unprotected. The exposed data dates back to 2015.

One of BackNine’s storage servers, hosted on Amazon’s cloud, was misconfigured and reportedly allowed unauthorized access to over 700,000 files, which included the completed insurance applications from some of the nation’s largest insurance carriers, including the following:

  • AIG
  • TransAmerica
  • John Hancock
  • Lincoln Financial Group
  • Prudential

BackNine builds software for bigger insurance carriers that sell and maintain life and disability insurance policies. The exposed data may include:

  • Names
  • addresses
  • Phone numbers
  • Social Security numbers
  • Medical diagnoses & medications
  • Questionnaires about an applicant’s health
  • Lab and test results
  • Driver’s license numbers

Security and data breaches are an issue plaguing dozens of companies that store customers’ personal information online. Several high-profile security breach incidents have drawn security negligence into question, and attorneys and victims are holding the responsible parties accountable for leaked financial information, credit scores, credit card numbers, bank information and other confidential information.

Joe Lyon is a highly-rated personal data breach lawyer and Privacy Attorney representing plaintiffs nationwide in class action security breach lawsuits.

Personal Data Breach Lawsuits

Regardless of the reason for a security breach—whether a person or group gains access to confidential information for financial or political gain—victims have the right to file a claim against a company for failing to protect their information, and can lead to a class action lawsuit.

Companies must exercise reasonable care in protecting customers’ information, and if they do not, they can be held liable for the damages that result, including identity theft.

Security breach victims and attorneys representing plaintiffs have been able to settle multi-million dollar recoveries. If you or a loved one suffered financial losses from a data breach, contact a data breach lawyer for a free consultation.

Data Breach Class Action Settlements

Companies big and small today face the reality that it is likely that their network will be breached. As a result, they must do all they can to prevent attacks. If they fail to protect private information, class action data breach lawsuits can be filed.

Can I File a BackNine Data Breach Claim?

An experienced class action attorney can determine if you are eligible to file a data breach lawsuit or join a class of plaintiffs. A lawyer can assist in determining the following:

  • Did BackNine fail to adopt security safeguards that would have prevented a data breach?
  • Did BackNine notify customers as soon as it learned of the data breach?
  • Did BackNine provide a complete list of all individuals affected by the data breach?
  • Did BackNine provide security in line with industry standards?

CONTACT THE LYON FIRM TODAY

Please complete the form below for a FREE consultation.

  • This field is for validation purposes and should be left unchanged.

ABOUT THE LYON FIRM

Joseph Lyon has 17 years of experience representing individuals in complex litigation matters. He has represented individuals in every state against many of the largest companies in the world.

The Firm focuses on single-event civil cases and class actions involving corporate neglect & fraud, toxic exposure, product defects & recalls, medical malpractice, and invasion of privacy.

NO COST UNLESS WE WIN

The Firm offers contingency fees, advancing all costs of the litigation, and accepting the full financial risk, allowing our clients full access to the legal system while reducing the financial stress while they focus on their healthcare and financial needs.

photo of data breach attorney Joe Lyon
Compensation for Victims

Why are Data Breach Cases important?

Without data breach class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.

Holding companies accountable for poor cybersecurity and data theft incidents helps ensure that consumers are better protected in the future. 

CONTACT THE LYON FIRM TODAY

  • This field is for validation purposes and should be left unchanged.

Questions About Data Breach Lawsuits

What to do if you are a victim of a data breach
  1. Get confirmation of the data breach and collect as many details about the incident as possible. 
  2. Contact an attorney to investigate the complex litigation involved in security breach lawsuits. 
  3. Try to find out what information was exposed and protect yourself as much as possible. 
  4. Talk to an attorney before accepting any settlement direct from a company. 
  5. Monitor your accounts and personal information closely. 
Can I get compensation for a data breach?

Yes, in most cases. However, each case is different, but some recent lawsuits have proven to be quite valuable. In one data breach suit, Ohio Attorney General and attorneys general in other states obtained a $17.5 million settlement against The Home Depot due to a data breach in 2014. The settlement resolves a multistate data breach which exposed the payment card information of approximately 40 million Home Depot consumers.

The Home Depot data breach made vulnerable the company’s self-checkout point-of-sale system. In addition to the $17.5 million settlement, The Home Depot has agreed to improve network security and maintain data security practices in order to strengthen its data security program and protect the personal information of consumers.

Who is liable for a data breach?

Under current privacy law the firm or organization that is storing user data are responsible for data breaches and will pay any fines or damages that are the result of legal action. The actual data holder—an organization that provides cloud storage—is not usually legally implicated or held responsible in litigation. 

How do data breaches occur?

The majority of data breach incidents are accidental, and not actually hacking events. Outside threats do pose personal data risks for consumers, though the bigger risk is the internal security and cloud-based data network. Some common ways data can be compromised include:

  • Exposing data in code banks
  • Leaking data from misconfigured data buckets
  • Expired security certificates
  • Storing data with unsecured third party vendors
  • Relaxed email security standards

 

what are some recent data breach incidents?

Luxottica, the eyewear company that produces popular brands like Ray-Ban, Oakley, Persol, Armani, Bulgari, Chanel, Prada, Ferrari, Michael Kors, Burberry, Versace, Dolce and Gabbana, Miu Miu, and Tory Burch, suffered a ransomware attack which affected the company worldwide. The data breach has exposed the personal and protected health information of more than 829,000 LensCrafters, Target Optical, and EyeMed patients.

Luxottica operates eyecare providers like Pearle Vision, LensCrafters, and EyeMed, and the retail outlet Sunglass Hut. A security professional said that no data had been stolen during the malware attack, but after Luxottica determined on August 28 that the attacker gained access to patients’ personal information.

The exposed information includes personal data and protected health information, including medical histories of clients. For some patients, credit card numbers and social security numbers may have been exposed.

Is my personal health data protected?

Privacy laws are meant to protect patients’ personal health data, and when institutions fail to protect personal data they may be sued for damages. In recent years much health data has been leaked and stolen, causing significant damages to plaintiffs who have have taken legal action

In a recent case the American Medical Collection Agency (AMCA) settled with nearly 21 million people in 40 states and Washington D.C. concerning a data breach that may have exposed their personal information. The breach, which occurred in 2018, lasted nearly a year until official notice of the intrusion.

An unauthorized user gained access to the AMCA internal data system and collected the personal information, including Social Security numbers, financial information, and personal health information, such as medical tests and diagnostic codes.

Quest Diagnostics was alerted that the hack exposed the personal medical data of 11.9 million of its patients. LabCorp had 7.7 million patients exposed. A number of class action lawsuits were filed throughout the country, alleging negligence, breach of contract, and a variety privacy violations concerning data security.

What is a Class Action Lawsuit?

A Class Action is a lawsuit brought by an individual on behalf of all other similarly situated individuals. Rule 23 of the Federal and State Rules of Civil Procedure allows for Class Action lawsuits to resolve disputes in an efficient format.

Class Actions are typically filed when the amount of money in dispute for a single plaintiff would not justify litigating the case, but where the amount of damages of the entire class of Plaintiffs would justify the cost of litigation. Without class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.

What are class action requirements?

In order for a case to be certified as a Class Action, the Court must determine that the case is appropriate for class action treatment under Rule 23. There are different elements depending on whether the case is seeking monetary or injunctive relief. In general, the Court must find the following elements are satisfied:

  • Numerosity: The proposed class must be so numerous that simply joining the individual plaintiffs would be impractical. Generally, the class size should exceed 100 individuals.
  • Common Questions of Law or Fact: The facts and/or legal questions in the dispute must be common to all class members. This does not mean all facts or issues must be identical, but the primary facts and law that will determine the issue in dispute must be common among all class members.
  • Typicality: The named Plaintiff in the case must have the same facts and legal issues as the class they are proposing to represent. If the Plaintiff’s individual case involves issues of fact or law unique to that Plaintiff and are irrelevant to the ultimate issue, class certification may be denied by the Court.
  • Plaintiff/Counsel Adequately Represents the Class: The Court must find that the Plaintiff and Plaintiff’s Counsel are competent and will protect the class’ interests.
  • Predominance: Common questions of fact predominate over individual facts.
  • Superiority: The Class Action is a more efficient and fair means of resolving the dispute. The Court will look at the following factors when making this determination: (1) Class Member interest in maintaining a separate action; (2) the extent of any litigation already begun by other class members; (3) desirability or undesirability of litigating the case in a particular Court ; (4) difficulties in managing the class.
Your Right to Justice
Learn About the Legal Process

Filing Class Action lawsuits is a complex and serious legal course and can carry monetary sanctions if proper legal course is not followed. The Lyon Firm is dedicated to assisting injured plaintiffs work toward a financial solution to assist in compensating for medical expenses or other damages sustained.

We work with law firms across the country to provide the most resources possible and to build your case into a valuable settlement. The current legal environment is favorable for consumers involved in data breach class actions, deceptive marketing lawsuits, TCPA telemarketing claims, and financial negligence claims.

data breach lawsuits
MAKAI

About Us

Contact

  • Contact Us

  • CINCINNATI HYDE PARK OFFICE

    2754 Erie Ave
    Cincinnati OH 45208
    513.381.2333

  • CLEVELAND OFFICE

    6105 Parkland Boulevard
    Mayfield Heights, Ohio 44124
    800.513.2403

© The Lyon Firm. ALL RIGHTS RESERVED