Holding Companies Accountable When Your Personal Information is Exposed
When a company fails to protect your personal information from hackers, you have rights.
Gibbs Mura’s data breach attorneys have recovered hundreds of millions of dollars for data breach victims nationwide. We’ve secured landmark court-appointed leadership roles in some of the most significant data breach cases in history.
Contact one of our experienced data breach attorneys today for a free, confidential consultation.
What is a Data Breach?
A data breach occurs when unauthorized individuals gain access to sensitive personal information stored by a company, hospital, financial institution, or government agency. Breaches can result from:
Criminal hacking
Ransomware attacks
Insider theft
A company’s failure to implement reasonable security measures
When a data breach results from negligent, reckless, or intentional misconduct, the company responsible for safeguarding your data may be held legally accountable.
Victims of data breaches can suffer serious harm, including identity theft, damage to their credit, and ongoing exposure of sensitive personal and medical information.
Types of Data Breach Lawsuits We Handle
Healthcare & Medical Records Data Breach Lawsuits
Your medical records contain some of the most sensitive information imaginable — diagnoses, medications, treatment histories, insurance details, and Social Security numbers. When hospitals, health insurers, pharmacy benefit managers, or healthcare vendors fail to protect this information, the consequences for patients can be severe and long-lasting.
Gibbs Mura has litigated medical data breach lawsuits against major health systems and their technology partners, filing suit on behalf of hundreds of thousands of patients whose protected health information was wrongfully exposed.
Breaches involving financial institutions and payment processors put victims at immediate risk of fraud, unauthorized account access, and identity theft. When a bank, credit card company, mortgage servicer, or payment vendor fails to implement adequate security controls, consumers can pay the price for years.
Our attorneys have litigated financial data breach cases involving stolen credit card numbers, bank account information, Social Security numbers, and loan data. We have held both financial institutions and their third-party vendors accountable for failing to protect consumer financial privacy.
Major retailers, e-commerce platforms, and consumer-facing companies collect enormous amounts of personal data — names, addresses, email accounts, payment card numbers, and purchase histories. When this data is compromised through a cyberattack or inadequate security practices, millions of customers can be affected at once.
Gibbs Mura has represented consumers in retail data breach class actions involving some of the largest corporations in the country, and we continue to monitor and pursue newly reported breaches affecting consumers nationwide.
Gibbs Mura’s attorneys have prosecuted some of the largest and most influential data breach cases in the country. Our work has resulted in billions of dollars recovered for consumers and has helped shape the laws protecting privacy rights in the digital age.
Equifax Data Breach Lawsuit – $1.5 Billion Settlement
In 2017, Equifax exposed the Social Security numbers and personal information of more than 145 million Americans. Gibbs Mura was appointed by the court to help lead the litigation, resulting in the largest data breach settlement in history.
Anthem Data Breach Lawsuit – $115 Million Settlement
Gibbs Mura’s attorneys served in a court-appointed leadership role in the Anthem health insurance data breach class action on behalf of millions of patients whose medical information was exposed.
MGM Resorts Data Breach Lawsuit – $45 Million Settlement
Gibbs Mura’s attorneys serve in a court-appointed leadership role in litigation against MGM following data breaches in 2019 and 2023 in which the personal data of 10.6 million customers was stolen and posted on underground hacking forums.
Health Net & IBM — Medical Records Data Breach – Litigation
In March 2011, Health Net notified hundreds of thousands of patients that their private information had been compromised. Gibbs Mura filed suit alleging that Health Net and its server provider IBM violated patients’ privacy rights and consumer protection laws.
Adobe — User Data Breach – Class Action
In November 2013, Gibbs Mura filed a class action against Adobe after a breach affecting approximately 38 million users, alleging Adobe failed to use industry-standard security practices contrary to its own stated privacy commitments.
Certegy Financial — Insider Data Theft – Litigation
Gibbs Mura represented thousands of consumers after a Certegy Check Services employee sold customers’ financial and personal data to third parties, alleging Certegy violated privacy rights and financial privacy laws.
Sequoia Benefits — HR & Payroll Data Breach – $8.7 Million Settlement (Preliminarily Approved)
Partner David Berger was appointed as Class Counsel, with the judge noting his “especially strong expertise in handling data breach class action litigation.” The case involved unauthorized access to sensitive data belonging to employees at over 1,700 companies, totaling over 580,000 people nationwide.
Our Data Breach & Privacy Legal Team
Gibbs Mura is a nationwide leader in class action lawsuits seeking to hold companies accountable for large-scale data breaches and privacy violations. The firm has prosecuted some of the largest privacy cases throughout the country, and its attorneys have received numerous awards for their data breach and privacy work, including:
“Cybersecurity & Privacy MVP”
“Top Cybersecurity and Privacy Attorneys Under 40”
Linda has recovered millions of dollars prosecuting fraud, breach of contract, and breach of fiduciary cases against large banks and insurance companies.
Jeff represents workers and consumers in complex class actions involving data breaches and privacy, employment law, and other corporate misconduct.
About Us
Gibbs Mura is a California-based law firm committed to protecting the rights of clients nationwide who have been harmed by corporate misconduct. We represent individuals, whistleblowers, employees, and small businesses across the U.S. against the world’s largest corporations. Our award-winning lawyers have achieved landmark recoveries and billions of dollars for our clients in high-stakes class action and individual cases involving consumer protection, data breach, digital privacy, and federal and California employment lawsuits. Our attorneys have received numerous honors for their work, including “Top Plaintiff Lawyers in California,” “Top Class Action Attorneys Under 40,” “Consumer Protection MVP,” “Best Lawyers in America,” and “Top Cybersecurity/ Privacy Attorneys Under 40.”
Concerned About a Data Breach?
Frequently Asked Questions About Data Breach Lawsuits
How much does it cost to hire a data breach attorney?
Nothing upfront. Gibbs Mura represents data breach victims on a contingency fee basis, meaning we only get paid if we recover money for you. There is no cost to consult with us.
How do I know if my information was affected?
If you received a notification letter, your information was likely compromised. Even if you did not receive a notice, you may have been affected. You can check your records and contact us — our team can help you determine whether you may have been impacted by a breach currently under investigation.
What compensation can data breach victims receive?
Depending on the case, compensation may include reimbursement for out-of-pocket losses from fraud or identity theft, compensation for time spent dealing with the breach’s effects, statutory damages available under applicable privacy laws, and in some cases, enhanced damages when a company’s conduct was particularly reckless.
Do I need to have experienced identity theft to have a claim?
Not necessarily. Courts have recognized that the exposure of personal information creates a real and cognizable risk of future harm, even before any fraud has occurred. Depending on the nature of the breach and the laws that apply, you may have a valid claim even if you have not yet experienced any direct financial loss.
What if the company is offering free credit monitoring?
Credit monitoring is not the same as compensation for harm. Companies frequently offer this in breach notifications to limit their exposure, but accepting it does not waive your right to pursue legal claims. We recommend consulting with an attorney before accepting or declining any offers from a breached company.
