As Computer World reports, a newly filed lawsuit against eBay shows how data breaches are becoming big business for lawyers.
The breach, which was discovered in February, has led to a $5 million class action lawsuit against the auction site. Amazingly, this figure only represents a fraction of the total costs eBay will pay for the breach once legal fees and other costs are tallied.
These early phase lawsuits after a breach are becoming the norm. A week after Target's data breach was made public, multiple consumers had already filed lawsuits. So while businesses reel from breaches and try to upgrade their infrastructure in the midst of a PR mess, they now have to deal with lawsuits – sometimes days after a breach.
To make sure you’re prepared for worst case scenarios, let's go over what IT consultants need to know about data breach lawsuits, including…
- How a data breach lawsuit works.
- Where eBay went wrong in handling the breach.
- How IT professionals can protect themselves from similar lawsuits.
Data Breach Lawsuits: How They Work
While every IT professional dreads a lawsuit, many don't understand exactly how cumbersome they can be. Lawsuits can take years, absorbing countless hours of a business owner's life.
When a lawsuit is filed against a business, its lawyers first have to file a response to the allegations. Depending on the response, a trial date is set (often a year or so down the road), and both sides have an opportunity to request evidence from the other party.
After a year's worth of legal fees and investigations, the case might finally go to trial. Many businesses simply can't afford the high price or endure the strain of a lawsuit, which may lead to filing bankruptcy.
In the case of a data breach, a client can sue their IT contractor for…
- Damages to their reputation.
- Lost profits.
- Security repair costs.
- Other expenses related to managing the aftermath of the breach.
For more on the lingering effects of a data breach, see "Data Breach Ripple Effects: The Scary Truth."
No Bids Here: How eBay Botched Its Data Breach Response
As the eBay case demonstrates, one of the hardest parts of a data breach response is handling customer notification and complaints.
The ecommerce company acknowledged the February breach to news agencies, but didn't notify customers until May. Though customers knew about the breach – it was public knowledge by that point – they were left waiting in suspense for more information about their data security.
In the post, "Survey: Consumers Find Data Breaches Only Slightly Better than Oil Spills," we reported consumers consider a data breach the third worst thing for a company's reputation. When eBay mishandled their customer notification, it certainly didn't win the company any PR favors.
Spare Your Tech Business the Cost of Data Breach Lawsuit
Don’t have hundreds of thousands of dollars lying around? Most Professional Liability Insurance policies for IT consultants offer $1 million in lawsuit coverage, which can protect you from big data breach / identity theft lawsuits.
For free IT insurance quotes, contact a TechInsurnace agent at 1-800-688-7020, or submit an online insurance application.
