Call Us

Data Breach and Identity Theft Lawyers

Posted On behalf of Pfeifer Morgan & Stesiak

on August 31, 2021


person hacking into a computer Have you been impacted by identity theft or a breach of data privacy?

Identity theft is on the rise, and once your sensitive data has been stolen, it can cause significant and long-term personal and financial losses. Many victims may feel hopeless or out of control because they do not know what to do or what legal steps may help to minimize or repair the damages.

If you were a victim of identity theft or a data breach, contact Pfeifer Morgan & Stesiak to speak with one of our data breach attorneys today. Schedule a free consultation to learn about how we may be able to help you recover financial losses and hold at-fault parties accountable. There is no obligation to file a claim after this meeting.

Sometimes it may be possible to join a class action lawsuit against the entity that suffered a data breach and allowed your information to get out. This is something you can discuss in a free consultation.

Get answers to your legal questions today. Ph: (844) 678-1800

How Can an Attorney Help?

According to Experian, about 1 in 20 Americans are reportedly impacted by some form of identity theft each year.

Unfortunately, once data is stolen, recovering and repairing the damages is an extensive and challenging job and victims can greatly benefit from the help of a licensed attorney.

At Pfeifer Morgan & Stesiak, our knowledgeable consumer protection lawyers are prepared to work tirelessly on your behalf to help recover your financial losses and other damages that may be available. The steps we may take include:

  • Determining if there is an existing class action lawsuit against a negligent company for your data breach
  • Assessing whether there is a business or other third party that can be held liable for your damages
  • Examining police reports or other documents if your case was investigated
  • Reviewing evidence or details you may have been able to collect on your own
  • Engaging experts, such as a forensic specialist, to research how your identity was stolen
  • Taking steps to help repair and restore credit that has been damaged

How Are Data Breach and Identity Theft Different?

Many people may get confused with these terms, both of which involve the unauthorized use of your sensitive and personal data. However, the legal actions you may be able to take are not the same. With the increase in cybercrimes it is important to understand the difference.

Breach of Data Privacy

A data breach involves the unlawful access of personal data through business or government entities and using or disclosing it without the data owner’s consent. Your data may get sold to third parties, be used to open credit cards in your name and more.

Recent, widely-publicized data breaches include:

  • Equifax announced a significant data breach in September 2017. This breach exposed the sensitive personal information of 147 million individuals. Equifax paid a global settlement of up to $425 million through the FTS, The Consumer Financial Protection Bureau and all 50 states and territories to help those individuals.
  • Yahoo had five separate data breach incidents from 2012 to 2016. The first two breaches impacted the personal information of 3 billion users. In March 2021, Yahoo agreed to a $117.5 million settlement for 194 million individuals affected.
  • Facebook, Instagram and LinkedIn – In January 2021, a data leak through a Chinese social media management company, SocialArks, exposed personally identifiable information (PII) of at least 214 million individuals with Facebook, Instagram and LinkedIn accounts.

Data breaches often occur when companies fail to adhere to federal privacy laws or implement sufficient security to protect their customers’ data. In these situations, companies may bear liability and victims may be able to take action against them.

Identity Theft

In addition to a breach of data privacy through a company or through a vendor, individuals can have their identity stolen individually. This type of identity theft also allows the perpetrator to gain access to your personal sensitive information and use it without your knowledge or authorization.

Sensitive data that may be exposed in either type of attack may include:

  • Your name and address
  • Date of birth
  • Social Security number
  • Credit card numbers

Common Types of Identity Theft

Cybercriminals steal personal data typically for financial gain, but there are many ways your data, once stolen, may be used,


This type of identity theft is probably what most people know best. Identity thieves use your sensitive information to open credit accounts, purchase vehicles or other expensive items.


If someone has your data and gets arrested for committing a crime, he or she may give your personal data. Most victims are unaware this has happened until something drastic brings it to light, such as getting arrested for a crime you did not commit, receiving a court summons or having criminal activity show up on a background check when you apply for a job.


Medical identity theft has been around for decades, and it is one of the most difficult types of identity theft to resolve. Perpetrators who assume your medical identity may be able to:

  • Obtain medical care in your name, which adds inaccurate information, such as injuries or illnesses, to your records
  • Fraudulently obtain prescription medication to use or sell
  • Use your health insurance benefits
  • Impact your own medical care in ways that could harm you physically, such as if you erroneously receive treatment based on the perpetrator’s blood type or allergies
  • Cause your valid medical claims to be denied
  • Abuse of prescription drugs, such as narcotics, which may impact your ability to get a job and more

Child Identity Theft

Since a child does not yet have a credit history, their Social Security numbers are very valuable to an identity thief. Parents or legal guardians may not think to check their child’s credit, so victims may not discover the theft for years.

How Does Identity Theft Impact Victims?

When an individual becomes a victim of identity fraud, it is not only an invasion of privacy, but it creates damages that can have a far-reaching and lasting impact on that victim’s life. Victims are often affected in these four ways:

  • Financial impact – Identity theft may create financial hardships, damage a victim’s credit, impact his or her ability to get a job or get credit to purchase a home, car and more. Cleaning up and repairing the damage takes time and involves a lot of hurdles and delays.
  • Emotional damages – Victims may feel anger, helplessness, fear for their financial future, embarrassed by the damage to their financial reputation and more.
  • Physical toll – Many victims suffer sleep disturbances, anxiety, depression, increased stress and more. Additionally, the emotional impact can also lead to other physical damages, including heart palpitations, stomach issues, body pain and sweating.
  • Social impact – There are many ways a victim may be affected in a world that relies so heavily on social media, such as for personal contact, gaining employment or branding a business, and more.

Who May Be Held Liable For Damages?

Legal action for data breaches is handled differently than for a single incident of identity theft. This is something one of our qualified attorneys can explain to you further in a free consultation.

Data Breach Class Action

When there is a data breach, victims may often be able to participate in a class action lawsuit against a negligent company.

Every U.S. state has legislation that requires organizations and government entities to notify individuals if their personally identifiable information has been leaked in a security breach. If you receive this type of notification, we recommend contacting a data breach and identity theft attorney as soon as possible to discuss your situation.

Identity Theft Legal Action

If your identity was stolen by an individual person, it may be harder to track that perpetrator down and hold them accountable. That said, even in individual cases of identity theft, there may be multiple parties who share some liability for your damages, including:

  • Banking institutions
  • Credit bureaus (such as Experian, Transunion and Equifax)
  • Credit card companies
  • Employers and other businesses
  • Government entities
  • Other financial, loan or investment institutions

When you meet with a qualified attorney to discuss what happened, it is helpful to bring any information you have already gathered on the incident. This could include any supporting documentation, such as banking statements that show the damages, police reports, if there was an investigation, and anything else that may provide insight and information about the claim.

Causes of action in this type of claim may vary, and may include:

  • Invasion of privacy
  • Breach of fiduciary duty
  • Negligence
  • Infliction of emotional distress
  • Breach of contract
  • And more

What Damages Can You Seek?

Available damages vary from case to case. The type and amount of compensation you could receive depends on the type of identity theft you suffered, and other unique considerations. That said, types of damages you may be eligible to receive may include compensation for your financial losses, emotional damages, and injunction relief to stop collection for debts you did not incur.

How Companies Are Responsible for Protecting Your Data

The organizations, corporations and health care providers you do business with are required to implement privacy and security policies to help protect consumer and patient data. There are also federal data privacy laws that organizations must follow to further protect their clients’ sensitive information, including:

  • Health Insurance Portability and Accountability Act (HIPAA): pertains to safeguarding a patient’s protected health information (PHI). Covered entities under HIPAA include hospitals, healthcare providers, health plans, healthcare clearing houses and business organizations and associates.
  • Children’s Online Privacy Protection Act (COPPA): implements rules and tools to help parents place limitations on what personal information about their children websites and other online services may collect and use.
  • Gramm-Leach-Bliley ActThis law requires financial institutions, such as banks and investment companies, to explain how a customers’ data may be shared, and how they safeguard their sensitive data.
  • The Privacy Act of 1974At a high level, this law is intended to protect an individual from the unwarranted disclosure of personal records or other private information without that person’s knowledge or consent.
  • The Federal Trade Commission’s Identity Theft Red Flag Rules – Financial institutions are required to implement policies and programs that will detect, prevent and mitigate breaches of consumers’ sensitive data.

Steps That May Help to Protect Your Data and Identity

While there is no way to fully guarantee the protection of your identity in this cyber-focused world, there are steps you can take that make it harder to become a victim, including:

  • Monitor your credit regularly: Doing this regularly, even monthly, can help you find and mitigate inaccuracies or fraud sooner.
  • Shred mail or documents with sensitive data: This includes expired credit cards, bank statements, bills, receipts or anything that an identity thief could use to get information about you.
  • Freeze your credit: You can freeze your credit through each individual credit bureau (Equifax, Experian and TransUnion), which can help prevent any new accounts from being opened without your knowledge or consent.
  • Securely protect and monitor your Social Security Number: Never carry your card with you or share your SSN, either over the phone or in person without finding out: who wants it, why it is needed, how it will be used and how it will be protected. Just because you are asked for it does not mean you are required to give that information.
  • Be mindful of scams by phone or email: If you do not know the sender or caller, or the information being asked for seems “odd”, take additional steps to confirm whether the call or email is valid. For example, say you get an email from Amazon saying your account is locked until you update your information. Call Amazon directly to report it and find out if something with your account is amiss.
  • Protect your digital footprint: This caution applies whether browsing online or downloading an app to your phone. Always try to find out whether the app is legitimate and what data it is collecting from you. Regularly do searches online, and in social media, to see if anyone is using your identity online.
  • Be Alert While on Public WiFi:  Never do any transactions that require you to input personally identifiable information over a public WIFI. These connections are never secure and are an easy target for a would-be-hacker.
  • Use strong passwords: Avoid passwords that are easily guessable, like children’s names, birthdates, etc.

What You Can Do If Your Data is Stolen

Here are a few steps you can take if you suspect your data or identity has been stolen:


Often victims may find something wrong in their credit account or their checking, credit card or banking statements. Check against your own records to confirm an invalid purchase, unauthorized credit check and more. You can also check income tax filings to see if any have been fraudulently filed in your name. Another sign someone may be using your identity is if you start getting debt collection calls from unknown accounts.


Once you confirm your information is fraudulently being used, you should take immediate action to report the theft to:

  • All three credit bureaus, simultaneously requesting a fraud alert on your account
  • Credit cards – Ask your creditors to notify you before accepting charges, account changes or opening new ones.
  • Banking institutions – any financial accounts, including putting a stop on any missing or unauthorized checks
  • Contact law enforcement about the theft.
  • Get help from a qualified attorney.


Once you have reported the theft, it is important to continue monitoring all your accounts. Catching fraudulent uses of your credit can help to limit the financial damage. Staying watchful about any changes on all three credit reports can also help you find out where the perpetrator is using your credit. This can be helpful to law enforcement in tracking down the perpetrator.

Call a Data Breach Lawyer for Assistance

Not being alert or watchful of accounts that impact your credit and finances can make it easier for would-be thieves to get away with taking your money and damaging your financial reputation.

Contact Pfeifer Morgan and Stesiak for legal help if you are a victim of a data breach or identity theft. You can meet with one of our experienced data breach attorneys to discuss your situation and get answers to your legal questions. If we represent you, we are prepared to fight to help you recover your financial losses and other damages.

FREE Case Review. Call (844) 678-1800 today.

Pfeifer, Morgan & Stesiak

Serious Attorneys for Serious Cases

See the latest
Related Articles