How to Protect Yourself from Identity Theft after Your Data Has Been Breached

Data breachFollowing the unprecedented data breach at Excellus, the 10 million plus affected people are looking for ways to protect themselves from impending risk of future identity theft.

One of the best ways to protect oneself is to make sure that passwords are changed regularly and to not maintain the same password across various accounts.

In addition, freezing one’s credit with all three major credit bureaus is an excellent way to be sure that no unauthorized credit is issued in one’s name.

Finally, the Federal Trade Commission has a comprehensive ID protection guide that is a great resource. Visit their website for more information on how you can protect yourself from identity theft.


Plaintiffs Seek Reconsideration of Court’s Decision in Excellus Data Breach Case

Excellus Data Breach LawsuitOn February 22, 2017, Judge Elizabeth A. Wolford of the United States District Court for the Western District of New York issued a 90-page decision granting in part and denying in part Defendants’ Motions to Dismiss.

In her decision, she dismissed the claims brought by those plaintiffs who had not yet experienced any actual identity theft or fraud, including four of the twenty named plaintiffs. Among other things, she reasoned that these plaintiffs, and those others affected by the Excellus Data Breach, have not yet been legally injured until they experience actual fraud or identity theft.

On March 22, 2017, Plaintiffs’ Lead Counsel filed a Motion for Reconsideration with the Court. In the Motion, Plaintiffs asked the Court to reconsider its decision on a number of legal grounds, including newly discovered evidence found by their experts that shows that both those plaintiffs who have already experienced identity theft and those who have not face a substantial risk of harm in that certain plaintiffs’ information has been found for sale on the Dark Web.

The experts conducted these searches to see what information was actually available. In most instances, it was email addresses and passwords that were found, but in others, social security numbers and/or dates of birth were also found. Unfortunately, the purchase of sensitive information on the Dark Web does not protect victims. Individuals who sell this information can just turn around and sell it again in the future and, according to our experts, often do sell the information multiple times, which is why some of the plaintiffs have continued to experience more fraud.

The Excellus Defendants have until May 3, 2017 to respond to our Motion. Plaintiffs then have one more opportunity to submit papers due May 17, 2017.

It is not known when the Court will issue a decision on Plaintiffs’ Motion for Reconsideration, but expect it will be sometime this year.