Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
A massive putative class of consumers already suing Yahoo! Inc. over breached personal data may expand to cover another 1 billion compromised accounts, class action attorneys said.
Two huge data breaches that Yahoo revealed in the past four months may be consolidated in Silicon Valley’s federal court, they told Bloomberg BNA.
If consolidated, Silicon Valley stalwart Judge Lucy Koh would likely be tasked with presiding over the largest data breach in history. Her past experience handling some of the technology sector's trickiest cases, such as Apple Inc. and Samsung Electronics Co.'s long-running patent case, may help consumers and companies better handle the complex litigation ahead.
Jay Edelson, plaintiff-side partner and founder of Edelson PC in Chicago, told Bloomberg BNA Dec. 15 that the data breach litigation likely “will get rolled up” into a single multidistrict case. Additionally, any “derivative hacks—i.e. hacks of specific user accounts on other, unrelated services,” may also get pulled into the same multidistrict litigation.
Barry Goheen, class litigation partner at King & Spalding LLP in Atlanta, told Bloomberg BNA Dec. 15 that most data breach litigation gets settled before the court even considers class certification. There may be some commonalities with the breaches, but combining two breaches of such magnitude is “uncharted waters,” he said.
Yahoo said in a Dec. 14 statement that it had discovered a major data breach that affected over 1 billion accounts. The company said in a statement that it hasn’t been able to identify the intrusion associated with the theft, which occurred in August 2013.
The recent breach has also reinvigorated calls for Verizon Communications Inc. to abandon its deal with Yahoo or drastically cut its agreed to merger price of $4.8 billion. The deal was expected to close in the early part of 2017, Bloomberg data show, but the recent breach may have impacted those plans.
Yahoo is the ninth largest public internet media company in the world with approximately $39 billion in market capitalization, Bloomberg data show.
On the same day of the recent announcement, a class complaint—what is no doubt the first of many—was filed in the U.S. District Court for the Northern District of California claiming Yahoo failed to provide adequate data security to “protect users’ personal and private information.”
Multiple federal class actions were filed in regards to the first breach that affected over 500 million accounts. The Judicial Panel on Multidistrict Litigation consolidated 14 class complaints from the first breach. The first breach was disclosed in September but Yahoo may have known about the attack as early as 2014.
The question now is whether lawsuits over the two incidents will be consolidated into a single proceeding. In general, cases aren’t consolidated unless they arise from common questions of fact. In this instance, that might mean whether the hacks in the two breaches were carried out by similar means or exploited some common data security vulnerability.
Goheen said that if the plaintiffs are able to prove through discovery that the same security flaw existed in both data breaches then class certification may be appropriate. However, a company simply experiencing a prior data breach “doesn’t satisfy commonality at all,” he said.
Although Yahoo may be hoping the cases are consolidated to save attorneys fees and other litigation costs, it will still have to fight state litigation, federal and international enforcement probes and almost certain congressional investigations.
Yahoo spokesman Charles Stewart declined to comment to Bloomberg BNA on the ongoing litigation.
To contact the reporter on this story: Daniel R. Stoller in Washington at firstname.lastname@example.org
To contact the editor responsible for this story: Donald Aplin at email@example.com
Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)