The PLUS Cyber Symposium webinar, Cyber and Class Actions Litigations are on the Rise, discussed the changes in the data breach class action space over the last several years from the broker, insured, plaintiff, and defense perspective. Traditionally, class action lawsuits have been filed in response to what we call mega breaches Target, 40 million consumers, Home Depot, 50 million and T Mobile 50 million, among others. 

More recently, class actions are being filed in much smaller matters involving all population sizes, some even in the low five figures which has resulted in an almost doubling of filings between 2022 and 2023.  

So, what are some factors having the biggest impact on these filings?  

  • Laws with private rights of action and ease of filing 
  • The growth of a very active plaintiff bar  
  • Social factors  

The Current Landscape 

 “There is a race to the courthouse steps, to file class actions, multiple class actions.”  

The 2023 ransomware numbers are now rolling out and these are higher than in 2021 and 2022. Which means a lot of breaches and ransomware payments. 

The ransomware model is changing into a double extortion. Now instead of only having the attorney general’s posting information about a data compromise, you actually have the people who caused it, who are broadcasting that the data has been exfiltrated and is available on the data leak site, and they’re selling it. 

We used to ask, “Is there standing? Is there injury?” Well, now you don’t have to necessarily speculate. You may be able to find what was taken.  

Previously when you had a ransomware matter there was a cadence of the way these claims really rolled out. It was months later when you would be dealing with a class action lawsuit. It’s not the case now. It seems that everything is happening at once.  

To learn more about the current landscape, trends, and future predictions you can tune in to the full discussion below.

Interesting in learning more about topics such as these? Join PLUS in New York on March 5th & 6th for the New York Cyber Symposium. Learn more and register below.

2024 Cyber Symposium

Meet the Speakers

Danielle Roth, AXA XL

Danielle Roth is Practice Leader and Head of Cyber Claims North America for AXA XL. In this role, Danielle and her team counsel policyholders with regard to pre-incident services, as well as comprehensive responses to data breaches and security incidents, and work with policyholders on the defense of class actions, regulatory investigations, as well as other E&O, technology and media claims. Danielle joined AXA XL in 2015, and 18 years of experience in the insurance industry. Prior to joining AXA XL, Danielle had over ten years of experience with E&O claims both on the carrier side and as monitoring counsel for various domestic and international insurance carriers. Danielle graduated from the University of Wisconsin-Madison with a B.A. in Psychology and in Journalism, and received her J.D. from Fordham University School of Law. Danielle is admitted to the New York State Bar.
Guillermo Christensen, K&L Gates LLP

Guillermo Christensen is a partner in the firm’s Washington, D.C. office. He is a member of the Antitrust, Competition, and Trade Regulation practice group.

Guillermo combines his experience as a former CIA intelligence officer, a diplomat with the U.S. Department of State, and an attorney to shape and inform the advice he provides to clients on enterprise risks involving cybersecurity, national security, and complex international business matters. Drawing on his national security background, Guillermo counsels clients in dealing with economic sanctions and embargoes administered by the Office of Foreign Assets Control (OFAC), including complex technology matters involving China, or fast moving compliance questions around ransomware payments. His work in national security-related mergers, acquisitions, and investments includes those requiring review by the Committee on Foreign Investment in the United States (CFIUS) or those involving export controls or the National Industrial Security Program (NISPOM). In the CFIUS context, Guillermo has worked in particular on high-technology, defense sector and critical infrastructure deals involving China, Russia, the Middle East, and Europe.
Deborah Hirschorn, Lockton Companies

Deborah is Managing Director, U.S. Cyber & Technology Claims Leader. In her role, she leads the overall strategic vision for Lockton’s cyber claims practice. She has extensive experience in cyber, technology errors and omissions and miscellaneous professional liability claims. Deborah has handled numerous complex claims, including ransomware incidents, third-party privacy class actions and business interruption matters. She has frequently spoken on panels addressing cyber exposures and risk management, including ransomware and incident response issues. Prior to Lockton, Deborah worked at BHSI, AIG and before that she practiced insurance coverage law.
Douglas McNamara, Cohen Milstein

Douglas J. McNamara litigates complex, multi-state class action lawsuits against manufacturers and consumer service providers such as banks, insurers, credit card companies and others. As a tireless advocate for consumers, he has worked on numerous cases involving data breaches, dangerous pharmaceuticals and medical devices, light cigarettes, defective consumer products, and environmental torts. 
Doug has been involved in precedent-setting cases that tackled issues of preemption, choice of law, and class certification. He is a hands-on litigator who takes pleasure in the details, facts, and documents of each case.  
Prior to joining Cohen Milstein in 2001, Doug was a litigation associate at an international defense firm, specializing in pharmaceutical and product liability cases. He started his career at New York City’s Legal Aid Society, defending indigent criminal defendants at trial and on appeal.