Data Breach Litigation Report: An Analysis of Federal Class Action Lawsuits Involving Data Security Breaches
May 16, 2016
Authored by: Jena Valdetero, Joy Anderson and BCLP
Data security breaches – and data security breach litigation – dominated the headlines in 2015 and continue to do so in 2016. While data breach litigation is an important topic for the general public, and remains one of the top concerns of general counsel, CEOs, and boards alike, there remains a great deal of misinformation reported by the media, the legal press, and law firms. At best this is due to a lack of knowledge and understanding concerning data breach litigation; at worst some reports border on sensationalism or fearmongering.
Bryan Cave LLP began its survey of data breach class action litigation four years ago to rectify the information gap and to provide clients, as well as the broader legal, forensic, insurance, and security communities, with reliable and accurate information concerning data breach litigation risk. The 2016 report covers litigation initiated over a 15 month period from the fourth quarter of 2014 through the fourth quarter of 2015. Key findings include:
- There was a nearly 25% decline in the quantity of cases filed as compared to the 2015 Data Breach Litigation Report .
- When multiple filings against single defendants are removed, there were only 21 unique defendants during the relevant period, indicating that plaintiffs’ attorneys are filing multiple cases against companies connected to the largest and most publicized breaches, and are not filing cases against the vast majority of other companies that experience data breaches.
- Approximately 5% of publicly reported data breaches led to class action