An apparent decline in the number of reported breaches affecting the retail industry has led to a decrease in data breach litigation filed in federal courts, says a law firm report.
There were 83 cases filed during the 15-month period from Oct. 1, 2014, through Dec. 31, 2015, according to a report issued Thursday by St. Louis-based law firm Bryan Cave L.L.P., “2016 Data Breach Litigation Report: A Comprehensive Analysis of Class Action Data Security Breaches Filed in United States District Courts.”
This was a nearly 25% decline from the total reported in the law firm's 2015 report.
Among other report findings:
• When multiple filings against single defendants are removed there were only 21 unique defendants during the period. The report says this indicates a continuation of the “lightning rod” effect, where plaintiff attorneys file multiple cases against companies connected to the largest and most publicized breaches.
• About 5% of publicly-reported data breaches led to class action litigation, which is a conversion rate consistent with prior years.
• Choice of forum continues to be primarily motivated by the states where the company and victims of the data breaches are based.
• There was a 76% decline in the percentage of class actions involving credit card breaches compared to the 2015 report, which most likely reflects a reduction in the quantity of high-profile credit breaches.
• Nearly 75% of cases included a negligence count, compared with 67% in the 2015 report.
• Plaintiff attorneys overwhelmingly focused on breaches involving data traditionally considered sensitive, such as social security numbers, as opposed to their previous focus on factors such as credit card numbers.
(Reuters) — U.S. federal, state and local government agencies rank in last place in cyber security when compared against 17 major private industries, including transportation, retail and health care, according to a report released Thursday.