By: Lynn A. Toops, Attorney
Complaints about identity theft rounded out the top five consumer complaints received by the Indiana Attorney General in 2015. This comes as no surprise given the increase in data breaches over the past few years. One of the first major data breaches occurred at Target stores. In 2013, Target stores announced approximately 40 million customers had their personal information compromised after hackers accessed debit and credit card information. This was considered one of the largest data breaches in history as cyber thieves accessed information stored on the magnetic strip on the back of these payment cards including names, card numbers, and three-digit security codes putting these consumers at a high-risk for identity theft.
Data breaches move from financial transactions to the healthcare industry
The Target data breach was just the tip of the iceberg. Shortly after that cyber-attack was announced, other retailers were also the subject of data theft. Neiman Marcus, White Lodging Hotels, Sally Beauty Supply, and Michael’s Craft Stores all reported payment card information data base breaches. In many of those cases hundreds of thousands of consumers had their personal information stolen by hackers. Information including names, payment card information, and sometimes street addresses was stolen by identity thieves. Unfortunately these privacy violations didn’t stop there.
In February 2015, healthcare insurer Anthem reported a data breach affecting approximately 80 million customers. The company reported that cyber thieves accessed customer names, social security numbers, addresses, email addresses, phone numbers, employee information, and income information. This data breach had the potential to do more harm to consumers as the identity thieves gained access to social security numbers – including those of children who were insured by their parents — which could be used to open fraudulent accounts. Class action lawsuits were filed against Anthem for failing to safeguard sensitive information of its customers. The lawsuits have been consolidated in a California Federal Court and are pending litigation.
Shortly after that data breach, Medical Informatics Engineering, Inc. (MIE) reported that cyber thieves had accessed nearly 3.9 million client records. These records included private information including patient names, addresses, social security numbers, dates of birth, and protected health information such as lab results, health insurance policy information, diagnoses, medical conditions, doctor’s names, and child’s names and birth statistics. The amount of damage that could be done by identity thieves with this depth of information is staggering.
How can a credit freeze protect a consumer?
The Indiana Attorney General’s office has responded to consumer complaints regarding identity theft by recommending consumers place a credit freeze on their personal information to attempt to protect against new identity theft. For more information about how a credit freeze works or to place a credit freeze on your personal file click the link above and follow the instructions. The Indiana Attorney General’s office also offers some assistance to victims of identity theft.
Privacy violations and your legal rights
If you are a victim of a data breach from a retailer, financial institution, or healthcare provider and experienced identity theft including tax fraud or medical fraud, you should speak to an attorney to discuss your legal rights and options. Cohen & Malad, LLP class action attorneys have spoken with thousands of people whose privacy was violated when a business failed to safeguard sensitive customer information. Call us or click here to learn more about privacy violations.
(photo credit: morguefile)