There has been a surge in data breach class actions this year, with the monthly average of such cases more than doubling compared to last year. From January through August, the average number of data breach class actions was 44.5, compared to last year’s average of 20.6. Additionally, there has been a significant increase in reported data compromises, with a 114 percent rise from Q1 to Q2 of 2023. This reflects the highest number of breaches ever recorded in a single quarter. The cost of these breaches is also on the rise, with the global average breach cost reaching $4.45 million, a 15 percent increase over the past three years.
In light of these statistics, it is crucial for business leaders to acknowledge that any organization can be targeted by an attack. It is important for them to pay attention to the data breach class action landscape and consider the bigger picture. When significant data breaches occur, class action exposure increases exponentially. Therefore, organizations need to develop proactive breach response plans that account for risk mitigation and potential class action liability.
Several factors contribute to the rise in data breaches. As the world becomes increasingly digitized, there is more information available for bad actors to access. These actors are developing more sophisticated ways to target sensitive information, while organizations are generating and storing record amounts of data. Advanced technologies are also being used as tools to intercept information. Ransomware attacks have become particularly prevalent, with demands increasing from thousands to millions. Other trending attack methods include phishing, multifactor authentication breaches, and malware.
Large-scale hacks have also contributed to the surge in breaches. The ongoing MOVEit hack, which began in May 2023, exemplifies how widespread attacks can quickly put numerous organizations at risk. These events have the potential to lead to large class action lawsuits against the software creator and its customers. The increased court education, regulatory rules, cyber insurance mandates, and media reporting on data breaches have further highlighted the importance of this issue. Consequently, more class actions are being filed, and courts are allowing certification. Settlements are also higher due to the number of affected consumers and the public attention on breaches.
Breached organizations must act quickly to mitigate the damage and explain security gaps to protect their reputation. It is crucial to anticipate both data breaches and the potential class actions that may follow. Organizations should review their security gaps regularly and make breach prevention a top priority. Investing in cyber preparedness is essential, as demonstrated by the 51 percent of organizations planning to increase cybersecurity spending due to internal breaches.
To effectively tackle data breaches and potential class actions, organizations should stay informed about the changing landscape and improve policies and procedures related to threat management. Seeking assistance from external consultants with expertise in cybersecurity and class actions can be beneficial. These consultants can identify cyber gaps, integrate new tools or information governance approaches, advise on incident prevention and response programs, monitor breach and class action trends, provide breach response services, and handle class action administration if necessary.
By combining internal efforts with external resources, organizations can better handle data breaches and reduce the risk of class actions. This approach ensures peace of mind and helps maintain good cyber hygiene.[Source: View source.]