Our Data Privacy Lawyers in DC

A data breach occurs when an unauthorized third-party accesses, retrieves, or otherwise views confidential private information. Oftentimes, a data breach results from a company’s failure to properly safeguard consumer information. The breach could stem from inadequate digital security or simple employee negligence. In either case, the consequences can devastate a consumer’s privacy, financial security, and general reputation. Migliaccio & Rathod LLP’s data privacy lawyers in DC practice nationwide and are committed to providing meaningful relief for those impacted by a data breach. 

Please contact our public interest lawyers for a free consultation if you believe your private information has been compromised by a data breach. 

Settlements

For information on Data Privacy Settlements visit Class Action Settlements & More.

Current Cases

Libman v. Apple, Inc., Case 5:23-cv-00505 (N.D Cal.).M&R has filed suit against Apple, alleging that, contrary to its privacy promises,  Apple tracks and collects an enormous wealth of data and personal information from its Mobile Device Consumers while they are using its apps, in spite of users having their privacy settings set to intentionally stop  any tracking of their usage and consequent sharing of their data usage with third parties. We allege Apple aggressively collects, transmits, exploits, and uses for its financial gain, details about consumers’ usage, browsing, communications, personal information, and even information relating to the Mobile Device itself, without the consent or authorization of Mobile Device Consumers.

 Doe v. Lastpass Us Lp, Case No.1:23cv10004 (D. Mass). Migliaccio & Rathod has filed suit against leading password manager, LastPass, for its alleged failure to protect sensitive customer data in the wake of a massive data breach that LastPass first disclosed in August 2022. At the time, LastPass reported that a threat actor had gained unauthorized access through a single developer account to portions of LastPass’s development environment, stealing “source code and some proprietary LastPass technical information.” However, the company recently provided an update on the data breach, saying the breach was worse than originally thought, and that hackers were also able to access customer personal information and related metadata, including company names, end-user names, billing addresses, email addresses, telephone numbers, and IP addresses customers used to access LastPass services. The hackers also copied a backup of customer vault data that included unencrypted data, including website usernames and passwords, secure notes, and form-filled data.

Joaquin-Torres v. Nelnet Servicing, LLC, Case No. 4:22-cv-03196 (D. Neb.). M&R has filed suit against the student loan servicing giant Nelnet in a putative class action lawsuit.  Student loan borrowers allege that Nelnet failed to protect their personal data against a cyberattack, leading to an increased likelihood of identity theft.

Stewart v. Practice Resources, Case No. 6:22-cv-00890 (N.D.N.Y.). Migliaccio & Rathod LLP has filed suit against the Syracuse, New York-based Practice Resources, LLC (“PRL”), a medical billing and information technology company that provides services to various healthcare entities, for failing to safeguard sensitive patient information in a data breach that was reported in August of 2022. In the latest update in this matter, our firm has been appointed lead counsel.

Leonard v. McMenamins, Inc., Case No. 2:22−cv−00094 (W.D. Wash.). On January 28, 2022 the law firms of Migliaccio & Rathod LLP and Breskin Johnson Townsend PLLC filed a class action lawsuit against McMenamins, Inc.  The lawsuit alleges that McMenamins failed to safeguard sensitive employee information in a ransomware attack that affected past and present employees from January 1, 1998 to December 12, 2021.  Among the categories of information lost in the ransomware attack were direct deposit banking details included in employees’ hiring documents.  Additionally, the lawsuit alleges that even though McMenamins has been aware of the incident since December of 2021, the company still has not been able to recover the personal data contained within the files lost during the ransomware attack.  The complaint is available for viewing here. We recently just overcame a motion to dismiss and are continuing the case.

Bickham v. ReproSource Fertility Diagnostics, Inc., Case No. 1:21-cv-11879 (D. Mass.). Migliaccio & Rathod LLP has filed suit against the fertility testing company ReproSource in a putative class action lawsuit.  ReproSource provides a wide variety of fertility diagnostics to hundreds of thousands of patients across the country, as well as providing consultation services to fertility centers. In October of 2021, ReproSource first announced that it learned of a ransomware attack that allowed an unauthorized party to access or acquire protected health information and personally identifiable information of its patients. Upon investigation, ReproSource estimated that at least 350,000 patients were affected by this data breach incident. Patients allege that ReproSource failed to protect their personal data against a cyberattack, leading to an increased likelihood of identity theft.

Bryan et al. v. BioPlus Specialty Pharmacy Services, LLC, Case No. 6:22-cv-00030 (M.D. Fl.). Migliaccio & Rathod LLP has filed suit against BioPlus Specialty Pharmacy Services in a putative class action lawsuit.  BioPlus offers a number of pharmacy services, including patient and provider pharmaceutical approval, and prescription fill and refill services.  In December of 2021, BioPlus first announced that it an unauthorized party gained accessed to their IT network between October and November of 2021, gaining access to patients’ protected health information and personally identifiable information. Upon investigation, BioPlus estimated that at least 350,000 patients were affected by this data breach incident. Patients allege that BioPlus failed to protect their personal data against a cyberattack, leading to an increased likelihood of identity theft.

RE: ESKENAZI HEALTH DATA INCIDENT LITIGATION, Cause No. 49D01-2111-PL. (Ind. Sup. Ct). Migliaccio & Rathod, alongside five other law firms, has filed a putative class action lawsuit against Eskenazi Health. Eskenazi is a public hospital and healthcare provider offering a range of primary and specialty care services throughout Indianapolis.  On November 11, 2021, Eskenazi notified patients, employees, and providers that an unauthorized party had gained access to certain Personally Identifiable Information and Protected Health Information in May of 2021. Upon investigation, Eskenazi estimated that about 1.5 million patients, employees and providers were affected by this breach incident. Plaintiffs allege that Eskenazi failed to protect their personal data against a cyberattack, leading to an increased likelihood of identity theft.

Whitkanack v. ARcare, Case No. 74CV-22-46. (Ark. Cir.). Migliaccio & Rathod LLP has filed suit against the healthcare company ARcare in a putative class action lawsuit.  Shopify provides primary care, behavioral health, pharmacies, community outreach programs and other healthcare services. In February of 2022, ARcare was alerted that an unauthorized party had gained access to its network, and in April of 2022, ARcare first posted notice of this data breach incident on their website. gaining access to patients’ protected health information and personally identifiable information. Upon investigation, ARcare estimated that at least 345,000 patients were affected by this data breach incident. Patients allege that ARcare failed to protect their personal data against a cyberattack, leading to an increased likelihood of identity theft.

Salinas et al. v. Block, Inc. et al., Case No. 3:22-CV-04823. (N.D. Cal.). Migliaccio & Rathod LLP has filed suit against the stock trading platform Cash App in a putative class action lawsuit.  In December of 2021, Block, Inc., the parent company of Cash App was alerted that a former employee had downloaded certain Cash App reports containing U.S. customer information without permission. In April of 2022, Block first announced this data breach incident to their customers. Upon investigation, Block estimated that 8 million current and former customers may have been affected by this data breach incident. Customers allege that Block failed to maintain reasonable data security measures to protect customers’ private information, leading to an increased likelihood of identity theft.

Rodriguez v. Stratford University, Inc., Case No. 1:22-CV-01048 (E.D. Vir.) Migliaccio & Rathod LLP has filed suit against the private Virginia-based university named Stratford University in a putative class action lawsuit.  In April of 2022, Stratford was alerted of a cyberattack and first announced this data breach incident to their students via email. In January of 2023, Stratford notified its students and employees of another data breach incident which occurred in August 2022. Upon investigation, Stratford estimated that most of its students and employees may have been affected by this data breach incident. Students and employees allege that Stratford failed to maintain reasonable data security measures to protect their private information, leading to an increased likelihood of identity theft.

Lowrey v. Mindpath Health, Case No. 2:23-CV-00185. (E.D. Cal.). Migliaccio & Rathod LLP has filed suit against the health service provider Mindpath in a putative class action lawsuit. Mindpath provides outpatient behavioral and mental health services in eight states across the United States. In July of 2022, Mindpath discovered unauthorized activity in its computer systems and in January of 2023, first announced this data breach incident to their patients. Mindpath failed to provide information about whether the Breach was system wide and how many patients were affected. Patients allege that Mindpath failed to maintain reasonable data security measures to protect their private information, leading to an increased likelihood of identity theft.

Investigations

Find all up to date investigations here.

To report a data breach not listed above or in our active investigations, complete our questionnaire here:

*Prior results do not guarantee a similar outcome