The breach of sensitive customer data is a nightmare scenario keeping an ever-greater number of CEOs awake at night. It’s no wonder why, as vulnerabilities in cyber defense are constantly being revealed.

The public became aware of the newest massive data breach on July 29, after a U.S.-based software engineer released the application information of more than 100 million Capital One cardholders on GitHub. Capital One now faces the prospect of litigation and massive costs arising from the breach. The company is currently – and optimistically – estimating at least $150 million in costs.

At least two class action lawsuits were recently filed in the U.S. District Court for the District of Columbia and the U.S. District Court for the Eastern District of Virginia. Both lawsuits allege that Capital One was negligent in protecting the sensitive information of its customers.

Capital One acknowledged that approximately 140,000 Social Security numbers were involved in the incident, as well as 80,000 linked bank account numbers. Hundreds of millions of customers had their names, phone numbers, credit scores and other personal information exposed.

Does This Put Cloud Servers In Doubt?

J.P. Morgan Chase and Bank of America alone spend $1.4 billion per year on cybersecurity, for example. The fact that Capital One both failed to properly secure its data and spot when it was breached means Capital One may have a hard time avoiding liability, unless further clarifying details emerge.

What Could Capital One Have Done Differently?

According to the complaints, Capital One’s failure to protect the information of its customers constitutes negligence, breach of contract, and a violation of several consumer protection laws. While additional information may yet be revealed, it appears that the misconfiguration occurred on Capital One’s end. It is unclear at this time how Capital One failed to secure its firewall.

The complaints were filed exactly one week after Equifax settled claims arising from its own data breach for $650 million.

  • Equifax Sued Over Data Breach – Again (FindLaw’s In House)
  • Local Courts Are Now Targets for Cyberattacks (FindLaw’s Technologist)
  • The Benefits of Self-Regulation (FindLaw’s In House)

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Civil Rights

Block on Trump’s Asylum Ban Upheld by Supreme Court

Criminal

Judges Can Release Secret Grand Jury Records

Politicians Can’t Block Voters on Facebook, Court Rules