Verisk Analytics Lawsuit and ISO Claims Services Data Breach

Verisk Analytics Lawsuit Filed Against ISO Claims Services, Inc., Verisk Analytics, Inc., and Insurance Services Office, Inc.

On September 27, 2021, ISO Claims Services, Inc. (“ISO”) first disclosed by letter that it experienced a security data breach that caused some individual’s vital personal data such as names, birth dates, addresses, and driver’s license numbers to be stolen. However, the extent and the type of information stolen during the breach may be more significant than ISO Claims Services, Inc.’s letter initially stated.

Moreover, this personal information could be used or sold to criminals who can then use the victim’s identity to open up accounts, take out personal loans and commit other acts of financial fraud. ISO Claims Services, Inc.’s  letter sent to potential victims explained that the unauthorized entity accessed their customer portal as early as July 5, 2021. ISO Claims Services, Inc. also recommended that victims “remain vigilant and review your financial records and statements for signs of suspicious activity.” Contact us to learn more about the Verisk analytics lawsuit.

On December 14, 2021, a Class Action Complaint and Demand for Jury Trial against Verisk Analytics, Inc., Insurance Services Office, Inc., and ISO Claims Services, Inc. was filed in the United States District Court for the Eastern District of New York. The lawsuit alleges that the Class Plaintiffs sustained damages for actual and imminent or impending injuries due to the Defendants’ failure to protect Plaintiffs’ personally identifiable information (“PII”) from a targeted breach of its databases (“data breach”).

The lawsuit also alleges that Defendants also, directly and indirectly, collect and maintain the personally identifiable information of claimants in its databases. The information stolen in the data breach includes sensitive personal information such as full names, addresses, telephone numbers, Social Security numbers (“SSN”), tax identification numbers (“TIN”), vehicle identification numbers (“VIN”), driver’s license numbers, and license plate numbers.

On July 5, 2021, criminals or unauthorized entities exploited the weaknesses and vulnerabilities in Defendants’ data security systems, infiltrated their databases, and exfiltrated and exposed massive amounts of individual claimant information, including the personally identifiable information of Plaintiff and other potential claimants. Plaintiff’s complaint asserts that the July 5 data breach continued undetected by Defendants for about three months or longer.

According to the lawsuit,   Defendants had already negligently failed to identify or prevent the unauthorized breach of its data systems or safeguard with adequate and reasonable cybersecurity measures from July 5 until around September 27, 2021, when ISO Claims Services, Inc’s letter stated the company “promptly launched an investigation and deactivated accounts identified with suspicious activity.”

The lawsuit also maintains that Defendants knew, or should have known, the importance of guarding all personally identifiable information on their data systems and should have been prepared to defend against foreseeable data breaches. However, Defendants failed to implement satisfactory cybersecurity measures to prevent the data breach from happening, and as a result, caused Plaintiff and other victims from suffering irreparable harm from financial fraud, loss of privacy, and identity theft.

In addition, the consequences of Defendants’ failure to keep the personally identifiable information secure are severe and long-lasting since many data points in the compromised and exposed personally identifiable information are permanent and persistent, such as dates of birth and Social Security numbers.

Tragically, criminals or other entities who have purchased or will purchase the personally identifiable information belonging to Plaintiff and other victims exposed in this data breach do not have to use the PII to commit fraud immediately. Rather, these people are able to wait indefinitely to sell or use a victim’s personally identifiable information. Therefore, the victims of this data breach remain at risk of financial fraud, loss of privacy, and identity theft for the rest of their lives.

Direct and Proximate Damages Caused by the Data Breach

According to the lawsuit, Plaintiff and other victims who join the Class suffered actual and imminent injuries due to the direct and proximate consequence of Defendants’ negligent failure to avert the data breach, including:

1. Theft of the victim’s personally identifiable information;
2. Actual fraudulent activity on their financial accounts;
3. Lowered credit scores resulting from credit inquires following fraudulent activity;
4. Increased fraudulent phone calls and email phishing attempts;
5. Costs associated with the detection and prevention of identity theft and financial fraud;
6. Costs associated with the time and the loss of productivity spent addressing and attempting to monitor, ameliorate, mitigate, and deal with the consequences of the data breach;
7. Stress, nuisance, and annoyance from dealing with the consequences of the data breach;
8. Imminent, impending, and increased risk of future identity theft and financial fraud posed by ill-intentioned unauthorized entities or criminals possessing their PII;
9. Damages to and diminution in value of their PII;
10. The retention of the reasonable value of the PII still in Defendants’ possession; and
11. The continued risk to their personally identifiable information, which remains in the possession of Defendants and is subject of further data breaches so long as Defendants fail to undertake appropriate and adequate cybersecurity measures.

Plaintiff, both individually and on behalf of those similarly harmed, seeks to remedy their injuries and prevent a similar occurrence in the future in pursuing monetary damages, injunctive relief, declaratory relief, and all other forms of relief recoverable by law.

The Largest Data Breaches in History

The problem of data breaches is only getting worse.  According to Wikipedia, the global annual cost of data breaches in 2020 was $2.1 trillion. In 2019, 2.7 billion identity records were posted for sale on the Internet. A majority of all data breaches transpire in North America.  The following is a list of data breaches reported in national news.

• 21st Century Oncology;
• 500px;
• Adobe Systems Incorporated;
• Airtel;
• Animal Jam;
• Anthem Inc.;
• AOL;
• Ashley Madison;
• The Bank of New York Mellon;
• Benesse;
• Capital One;
• CardSystems Solutions Inc.;
• CheckPeople;
• CitiGroup;
• CVS;
• DoorDash;
• DropBox;
• Dubsmash;
• eBay;
• Equifax;
• Excellus BlueCross BlueShield;
• Experian – T-Mobile US;
• Facebook;
• First American Corporation;
• Home Depot;
• Instagram;
• Internal Revenue Service;
• JP Morgan Chase;
• LifeLabs;
• Marriott International;
• US Medicaid;
• Microsoft;
• Neiman Marcus;
• Orbitz;
• Patreon;
• PayPay;
• Scottrade;
• SnapChat;
• Sony PlayStation Network;
• Target Corporation;
• TD Ameritrade;
• TD Bank;
• TikTok;
• T-Mobile;
• Uber;
• United States Postal Service;
• U.S. Department of Veteran Affairs;
• Walmart;
• Yahoo.

THE TIME TO FILE YOUR CLAIM IS LIMITED BY THE STATUTE OF LIMITATIONS

Each state has its own time deadlines in which to you need to file your claim. This deadline is called the statute of limitations. If the statute of limitations expires on your case, you cannot file a claim and seek financial compensation for your losses.

WHY CHOOSE
PARKER WAICHMAN LLP?

At Parker Waichman LLP, our experienced attorneys understand that you want justice and full monetary compensation for your losses. When you place your trust in our capable hands, you can be comforted knowing that the most experienced attorneys from our firm are fighting for you and your family.

Parker Waichman LLP Has Received Several Important Accolades and Awards for Our Superior Trial Litigation.

The following are only a few of our honors, awards, and accolades:

• “Preeminent Lawyers” AV Peer Review Rating (The rating is based on feedback from judges and other legal professionals.)
• The Highest rating of “5 Dragons,” by Lawdragon.com
• Awarded a listing in “Best Lawyers” due to extensive peer review.

GET LEGAL HELP FROM OUR KNOWLEDGEABLE DATA BREACH LAWYERS TODAY

If you or a loved one suffered the loss of your personally identifiable information, you might be able to pursue a data breach lawsuit to recover monetary compensation. To receive a free legal consultation with one of our identity theft lawyers, just fill out our online form or call 1-800-YOUR-LAWYER (1-800-968-7529) today. We will help you understand your legal rights and fight vigorously for the compensation you deserve if we are able to take your case.