Data Breach Lawsuit – Settlements & Hacked Companies Info

In 2018, the FTC sued Xunlei Inc., a Chinese software company in charge of controlling internet speeds for US telecom providers. The lawsuit alleged that Xunlei had given the FCC access to customers’ personal information in violation of privacy laws. In September 2019, after settling with the FTC and paying $6 million plus interest into an escrow account by November 20th, 2019; on December 12th,
2019 China ordered all telecom companies operating domestically to stop using their services due to security concerns
(https://www.cnbc Breaking news). This case study is important because it shows how legal procedures can be used as leverage against tech giants like Google & Facebook who have been accused by critics of breaching consumer privacy rights without even being penalized or fined monetarily.
Introduction: In October 2016 Uber was hacked resulting in data breach lawsuits filed against them (the IAMAI suing Uber) which were settled out-of-court just weeks ago and resulted in two class action settlements totaling over 6 billion dollars ($5B+ 2B) (including lawyers fees), making this one of the largest hacking/data breach cases ever faced globally . It also helps set precedence for global organizations that are still investigating more than 1 million claims from drivers across 51 states but not yet revealed what will happen with these pending lawsuits

Data Breach Lawsuit - Settlements & Hacked Companies Info

(This page was last updated on November 30, 2018)

When an unauthorized individual acquires access to protected information for personal or political advantage, it is called a data breach. Identity theft and financial losses are common after data breaches like the Marriott hack, which reportedly exposed the personal information of up to 500 million customers, and the Yahoo breaches of 2013 and 2014, which exposed 1.4 billion accounts. Victims of these security breaches may be able to file a lawsuit.

Affected customers may be eligible to initiate a class action lawsuit if a corporation fails to exert reasonable care in securing their personal information.

Affected customers may be able to band together and bring a class action lawsuit against a corporation that fails to use reasonable care in securing their personal information.

These cases may result in millions of dollars in damages for plaintiffs, which is only fair considering the financial, privacy, reputation, and credit score harm that a data breach can cause.

Over the last several years, data breaches have grown more regular. These breaches may place a significant load on banks and credit card firms, who must react to a rush of fraud claims and revoked cards, in addition to customers.

Many data breach victims, thankfully, get compensated for their losses via multimillion-dollar settlements. Contact us for a free legal consultation if you or a loved one has experienced financial damages as a result of a data breach.

A class action lawsuit has been filed against Marriott for a data breach.

“When visitors stay in hotels, they believe that they will be safe—both physically and in terms of their personal information.”

Marriott experienced a data breach on November 30, 2018, which may have exposed the personal information of 500 million customers. Customers who booked reservations at Starwood properties were impacted by the incident.

On the same day, attorney John Yanchunis of filed a complaint against Marriott. Marriott is accused of failing to take reasonable care in securing and protecting customers’ personal information (PII), including failing to build and maintain security systems to guarantee the data was appropriately secured and safeguarded, according to the lawsuit.

Mr. Yanchunis said, “Large, smart organizations like Marriott are not ignorant to the hazards presented by cyber thieves, who are continuously seeking to hack corporations that retain sensitive customer information.” “It’s stunning and terrifying that a breach that started in 2014 stayed unnoticed for four years.”

“When visitors stay in hotels, they assume that they will be safe—both physically and in terms of their personal information. Marriott/Starwood looks to have betrayed the confidence of 500 million individuals for over a decade.”

Exactis, Equifax, and Yahoo have all had recent data breaches.

Night Lion Security security researcher Vinny Troia uncovered a breach in June 2018 that was one of the greatest in terms of volume and information leaked.

Exactis, a marketing and data aggregation service, is accused of leaving around 230 million person information and 110 million corporate records unsecured by a password-protected firewall or any type of encryption. Phone numbers, home and email addresses, personal hobbies and preferences, and other sensitive information were among the documents stolen.

“Exactis has a duty to safeguard the data it gathers, maintains, and sells when it collects, maintains, and sells private information.”

On behalf of lead plaintiff Kenneth Heretick and all others similarly situated, attorney John Yanchunis filed a complaint on June 29, 2018, seeking class action status.

Mr. Yanchunis said, “The breadth and depth of this data leak is absolutely stunning, with practically every U.S. citizen supposedly compromised.” “Exactis has a duty to safeguard the data it gathers, maintains, and sells when it collects, maintains, and sells private information.”

Check out the Complaint

Mr. Yanchunis is also a member of the Equifax data breach steering group and the lead counsel for the Yahoo data leak.

From mid-May to July 2017, the Equifax hack exposed the names, Social Security numbers, birth dates, addresses, and, in some circumstances, driver’s license numbers and credit card data of 143 million people.


Yahoo reported in December 2016 that 1 billion customers’ data had been taken in August 2013. This happened just a few months after Yahoo reported in 2014 that 500 million customers’ data had been compromised in a data breach. Names, email addresses, dates of birth, phone numbers, and passwords were among the data. (For more information on the Yahoo data breach and how it may effect you, see these FAQs.)

Attorneys for responded by filing a negligence claim against Yahoo. Mr. Yanchunis was appointed lead counsel in this matter, which is the world’s biggest class action lawsuit.

Because of the potentially disastrous consequences, data breaches often result in large compensation for victims.

Anthem Pays $115 Million to Resolve Data Breach Lawsuit

Anthem Inc., America’s biggest insurance business, agreed to a $115 million settlement in June 2017 after a data breach exposed the personal information of 80 million clients. This is the world’s biggest data breach settlement.

In March of the previous year, Home Depot agreed to pay $19.5 million to customers harmed by its 2014 data breach ($13 million in losses reimbursement and $6.5 million in identity theft prevention services). Home Depot agreed to pay several dozen banks and credit card firms $25 million a year later, bringing its total breach-related liabilities to $179 million.


Theirs is one of a slew of multimillion-dollar settlements that have resulted from data breaches. Sony settled a data breach lawsuit for $15 million and another for $8 million. Target paid a total of $10 million. To resolve their case, LinkedIn paid $1.25 million (which, given recent events, seems like a bargain).

Companies, on the whole, prefer to settle issues outside of court rather than go to trial. But, in the case of data breach claims, this is particularly true since there is essentially no precedence for these kind of cases in the courts.

Companies like Home Depot and Sony have no clue what would happen if a data breach lawsuit went to trial, which is a terrifying scenario.

Settlements for Data Breach Notable Settlements

Here are some of the most high-profile data breach settlements in recent years:

  • $115 million for Anthem
  • $28.5 million ($18.5 million for states, $10 million for consumers) is the goal.
  • $19.5 million settlement with Home Depot (affecting 50 million cards).
  • Sony has been fined $15 million for a security violation on its PlayStation network.
  • $12.8 million ($11.6 million for customers, $1.2 million for states and the FTC) was awarded to Ashley Madison.
  • Sony (data breach involving employees): $8 million
  • $4.1 million for Stanford University Hospital and Clinics
  • $3.1 million AvMed Inc.
  • $3 million Vendini
  • $2.1 million Schnuck Markets

As data breaches become more common and larger in scope, so will the subsequent settlements.


If You’ve Been Breached, Here’s How to Tell

If you were the victim of a data breach, you should have received notification from the affected firm, most likely by email. Whether they didn’t, and you found out about the breach via other means, you should contact them right once to find out if your personal information or privacy was compromised.

Visit Have I Been Pwned, a website built by Troy Hunt, a web security expert and Microsoft Regional Director, to see whether your data was compromised in a cyber breach. Simply input your email address, and the site will notify you whether or not your personal data has been hacked.

You may have been the victim of identity theft if you see unusual behavior on your credit card or bank account. Call your bank or financial institution right once to report the scam and take the necessary steps.

You may also wish to get in touch with us to discuss your legal alternatives.

How to Safeguard Yourself Against Identity Theft

Using a secure and unique password for each account or website is the best approach to protect yourself against data breaches in general. (Apps like LastPass can help you keep track of them.) Don’t reuse passwords or keep using the same one for years. Make your password anything other than your birthday, such as “Password123” or “dadada.”

While feasible, use multi-step verification and cover your PIN when entering it at shops or ATMs. In the case of a breach, all of these safeguards may help protect you and your identity.

Eligibility for a Data Breach Lawsuit

Only a professional attorney can tell you whether you have a case based on a data breach. To do this, he or she will take the following steps:

  • Determine if the organization failed to implement precautions that would have prevented the data breach, such as encrypting consumer personal information.
  • Check to see whether the organization alerted consumers as soon as it was aware of the data breach.
  • Obtain a comprehensive list of all those who have been impacted by the breach.
  • Examine the company’s rules and customer agreements to see whether they were broken.
  • Examine the company’s policies against industry norms.

The lawyer will also look into if any state laws have been broken. For example, in Florida, firms that have been the victims of data theft must notify any consumers whose information has been taken within 45 days of the breach’s discovery.

If you fulfill the qualifying requirements, you may be entitled to compensation for losses incurred as a result of the violation.

Damages from a Data Breach

An attorney may also assist you in determining the damages you have suffered as a result of the data breach and pursuing compensation for these losses. These may include the following:

  • The price of changing credit and debit cards, as well as the cost of getting credit reports and credit insurance
  • Companies that assist safeguard personal information and monitor your accounts to ensure no fraudulent activity occurs charge service fees.
  • Expenses connected with correcting inaccurate data
  • Any out-of-pocket costs incurred as a consequence of the security breach

Identity theft and privacy invasion also have an emotional cost for victims, which might be included into the compensation requested. 

We would want to hear from you.

Our lawyers at are committed to assisting customers who have experienced financial or reputational loss as a result of a data breach. We hold the powerful responsible by bringing lawsuits against the firms that were harmed as a result of these heinous acts.

We’ve helped over 200,000 customers win over $2 billion in settlements and awards, and we only get paid if your case is satisfactorily resolved.

We want to hear from you if your credit card information, social security number, email address, password/PIN, or other sensitive information was taken as a consequence of a data breach. For a free legal consultation, please contact us now.

Watch This Video-

Frequently Asked Questions

How much can individuals sue companies for in the event of a data breach?

A: Individuals can sue companies in the event of a data breach.

What is the biggest payout in a lawsuit?

A: The biggest payout in a lawsuit is the settlement.

Can I sue for a data breach?

A: Yes, you can sue for a data breach. Data breaches are typically seen as an invasion of privacy and may be deemed illegal depending on what information was exposed.