Monday, July 3, 2023

Data Breach: Steve and a real life hypothetical


Steve worked in a factory and fell, injuring his back. The back injury forced him to go on workers' compensation, and he settled his case for far less than it was worth, as is often the case. Eventually, he lost his job and his health insurance because, in America, healthcare is tied to employment. By then, the settlement money was long gone, and he still had thousands of dollars in medical bills with exorbitant interest rates.


Due to his lack of health insurance, Steve couldn't afford to pay his bills, and they accumulated at an obscene 29% interest. This damaged his credit score. Fortunately, he barely passed the credit check for his new job, which only paid half of what he made before. He also managed to pass the credit check for an apartment complex by a narrow margin.


Seven years after the injury, Steven was searching for another job as his lease on the old apartment was about to expire, and his landlord refused to renew. Around that time, Steve received a letter that almost ended up in the trash, but something made him open it. The company's name on the letter sounded familiar—it was the insurer from his workers' compensation case.


The letter informed Steve that the insurance company's systems may have been breached in a ransomware incident caused by a third-party. The company had known about it for a year but had just notified him and other victims. Steve recalled the company's stingy nature since they settled his case cheaply and failed to protect the data they possessed.


The insurance company assured Steve that they would resolve the situation and mentioned that there was no evidence the hacker intended to use the stolen information. They offered him twelve-month credit monitoring and identity theft protection with a reputable company, claiming generosity. However, it turned out that the hackers had already sold Steve's information on the dark web a year earlier.


As a result, Steve was flagged by a government agency for potential involvement in illegal activities like drug sales, human trafficking, or terrorism. This flag remained on his credit report, but Steve had no knowledge of it. He enrolled in the credit monitoring service for one year, which alerted him to the flag on his credit report. He acted quickly, and two agencies removed the flag, but it remained on the third agency's report.


One morning, Steve checked his credit report, hoping to see the notice removed, but it was still there. Filled with anger, he searched for "class action lawyers" and discovered that thousands of people were in the same situation, with an ongoing class action lawsuit in California. Steve joined the lawsuit in time, and after three months, they won. The jury was outraged, and punitive damages raised the amount to a staggering $60 million. However, Steve's compensation was limited to several hundred dollars due to the large number of plaintiffs.


The credit bureau appealed the case all the way to the United States Supreme Court, and unfortunately, the Court dismissed the lawsuit for Steve and thousands of others because the credit report notice had not been transmitted to a third party yet.


About a year later, Steve lost his job again, leaving him with only $50.00 in his account. However, he had a good lead on a new job, and a new apartment complex said they would rent to him if he passed a credit check and secured employment. The interview went well, and he was offered the job, which paid more than his previous position, thanks to his newly acquired computer skills. His job offer was contingent upon passing a credit check.


After the interview, Steve went to the apartment complex to sign a new lease. Unfortunately, the leasing manager informed him that there was a problem with his credit report from one of the agencies. She explained the situation, and, despite her feeling sorry for him, she had no choice. 


She explained the situation, and despite Steve initially thinking it was a joke, her serious expression and teary eyes made it clear it wasn’t. According to company policy, she couldn’t proceed with the lease. The repeated apologies became like a voice echoing underwater in an endless loop.


Feeling disheartened, Steve walked out, determined to make the best of the situation since he had a new job, right? He believed he would find another apartment. However, as he drove away from the apartment complex, the company that offered him the job called his cell phone. They informed Steve that the notice from the credit report issue had also appeared on the report they reviewed.


“I just can’t take a chance. We could be sued for everything, and the company could go under… if you aren’t telling the truth,” the caller said.


“But I am,” Steve pleaded.


“I’m sorry,” the man said and hung up.


Within a month, Steve found himself living in his car. Life had dealt Steve many hardships, but the data breach, seemingly small to many, had completely upended his life just as things were starting to improve. The preventable data breach had put Steve’s future in jeopardy.

No comments:

Post a Comment

How Contributory Negligence Can Affect Your Personal Injury Claim in North Carolina

When pursuing a personal injury claim in North Carolina, understanding the concept of contributory negligence is critical. Unlike most state...