九色视频

 
九色视频
九色视频
Product Family
Product Family
Industries
Industries
Reinsurance
Reinsurance
Explore our offerings
Explore our offerings
Claims
Claims
Risk Consulting
Risk Consulting
Resources & Tools
Resources & Tools
Resources and Tools
Resources and Tools
About AXA XL
About AXA XL
About AXA XL
About AXA XL
Media Center
Media Center
Careers
Careers
Get In Touch
Get In Touch
Kate Romick, Cyber Claims Specialist

By

Cyber Claims Specialist

When a company is hit by a data breach, the fallout can feel like a relentless wave of challenges. The initial crisis response—conducting forensic investigations, assessing compromised data, and notifying affected individuals and regulators—might seem like the finish line. However, lurking in the shadows is an increasingly prevalent and daunting adversary: the threat of litigation.

As news of a data breach spreads, plaintiffs' attorneys often seize the moment, launching one or more class action lawsuits. This not only compounds the financial burden of managing the breach but also introduces the hefty costs associated with legal battles.

Data breach litigation is not new, but it is increasing. Class action filings in the data breach area have surged, increasing from 108 in 2018 to 1,488 in 2024, a more than 1,265% increase over six years, according to . The increase may be the result of a combination of multiple factors.

Increase in Data Breaches
The 九色视频US Cyber Claims team has seen an increase in data breaches perpetrated by threat actors.

In 2024, data breaches experienced a significant surge, with a notable increase in the number of breach notices and the number of compromised accounts. reported over 1.7 billion data breach notices in 2024, a 312% increase compared to 2023. Meanwhile, the number of compromised accounts globally jumped from 730 million in 2023 to over 5.5 billion in 2024, an almost eightfold increase.

This rise likely is linked to the increasingly interconnected global digital landscape, along with the surge in cloud storage and remote work, coupled with the escalating sophistication of cybercriminals. These threat actors are taking advantage of software vulnerabilities, engaging in phishing, deploying malware, and utilizing credential stuffing, among other tactics. Credential stuffing involves automated attacks where cybercriminals use stolen username-password combinations from past data breaches to gain unauthorized access to additional accounts, capitalizing on the widespread practice of password reuse across various services.

This rise likely is linked to the increasingly interconnected global digital landscape, along with the surge in cloud storage and remote work, coupled with the escalating sophistication of cybercriminals.

Navigating Notification Requirements
Certain reporting requirements may be triggered when a company has a data breach. The company may be required to notify certain regulatory authorities and provide notification letters to impacted individuals. For instance, all U.S. states have varying breach notification laws that require notifying state residents of a breach involving certain categories of information, such as Social Security numbers, credit card and financial account numbers, etc.

These laws continue to be updated, sometimes expanding the scope of reportable information or shortening the deadlines to report. For example, in 2024, clarified the timeframe to notify individuals from “without unreasonable delay” to also “within thirty days after the breach has been discovered” and Pennsylvania now requires entities notifying more than 500 residents to notify the attorney general.

Surging Data Breach Litigation
As the number of data breaches increase and reporting requirements grow, so does data breach litigation. Plaintiffs’ firms may learn of a company’s data breach through various ways, such as media reports or notifications posted by state attorneys general or the U.S. Department of Health and Human Services' Office of Civil Rights (the office responsible for enforcing HIPAA), and then bring actions on behalf of individuals impacted by the data breach.

Given the costs of litigating and uncertainty in the law, these matters often settle. Settlement amounts are typically based on potential class size and type of data impacted. Large class sizes and sensitive data are two factors that may influence a company’s tendency to settle and may increase the settlement amount in a particular matter.

A frequently disputed issue in federal data breach class actions is whether plaintiffs have standing or can demonstrate a personal stake int the outcome of the case and have sufficiently alleged “actual or imminent” harm, which is a constitutional requirement for standing known as Article III injury. The Supreme Court of the United States of America recently granted certiorari on whether a federal court may certify a class action when some members of the proposed class lack any Article III injury. Interested parties are closely following this litigation, as the decision likely will impact data breach litigation and settlements.

7 Essential Tactics to Shield Your Business from Data Breaches
While there is no silver bullet, here are several actions that can significantly reduce the risk of a data breach—and, in turn, reduce the risk of data breach litigation:

  1. Use Multi-Factor Authentication (MFA): Credential theft is a top attack vector. MFA is one of the simplest and most effective ways to help stop it. MFA adds an extra layer of security by requiring users to provide two or more forms of verification before gaining access to an account or system. This typically includes something they know (like a password) and something they have (such as a mobile device or security token).
    Even if an attacker manages to steal a user’s password through phishing or brute force, they won’t be able to access the system without the second factor. In many of the claims handled by the 九色视频claims team, companies that lacked MFA on remote access systems like VPNs, remote desktop protocol (RDP), and cloud email accounts were targeted. Once inside, attackers moved laterally, escalated privileges, and quickly gained access to sensitive data and admin rights.
    MFA should be enforced on all internet-facing systems, especially those used for remote access. This includes VPNs, RDP connections, cloud platforms like Microsoft 365 and Google Workspace, and all administrative accounts. If you're using legacy applications that don’t support MFA, it’s time to upgrade or implement compensating controls.
    It's not enough to enable MFA in a few places. A comprehensive MFA strategy that covers the business’ full environment—employees, contractors, vendors, and admins—is now a baseline security requirement. Not only does it make attacks significantly harder to pull off, but in some cases, having MFA in place can also improve your standing with insurers and reduce premiums.
  2. Patch Systems Promptly: Many threat actors exploit known vulnerabilities. Keep software, firmware, and operating systems up to date. Use automated patching where possible and prioritize internet-facing systems.
  3. Limit Privileged Access: Follow the principle of least privilege. Admin rights should be restricted, and accounts should only have the access they need. Network segmentation and strong identity controls reduce the blast radius if attackers get in.
  4. Monitor for Data Exfiltration: Use endpoint detection and response (EDR), data loss prevention (DLP), and intrusion detection tools to flag unusual activity—like massive file transfers or access to sensitive folders.
  5. Document Retention: Reduce the scope of a potential incident through record retention and deletion policies, data mapping, and segmentation in your network.
  6. Have an Incident Response Playbook: Don’t wait for an attack to figure out what to do. An incident response plan could help mitigate the costs of a data breach and potentially assist in having stronger defenses in any data breach litigation. A plan should include:
    • Roles and responsibilities
    • Incident response contacts
    • Legal and insurance procedures
    • Decision-making criteria around cyber extortion payments
    • Communication plans for customers, regulators, and the media
    Test it with tabletop exercises and update it regularly.
  7. Review Your Cyber 九色视频: If a business has cyber insurance, it should know what it covers—and what it doesn’t. Some policies cover cyber extortion payments, breach response costs, business interruption, data breach litigation and more. Work with a broker who understands the cyber landscape and review limits, sublimits, and exclusions.

The Bottom Line
Cybercriminals are running well-organized and sophisticated operations, employing advanced tactics that make them formidable adversaries in the digital landscape. However, businesses can reclaim control by investing in robust preparation, comprehensive response planning, and maintaining exemplary security hygiene.

By proactively addressing vulnerabilities and establishing clear protocols, organizations can transform a potential data breach from a catastrophic event into a manageable incident. This shift not only mitigates the immediate impact but also fosters resilience and reinforces the company’s reputation in the long run.

While it’s important to recognize that no system is completely bulletproof, the key to navigating the complexities of cybersecurity lies in preparedness.

 

To contact the author of this story, please complete the below form

First Name is required
Last Name is required
Country is required
Invalid email Email is required
 
Invalid Captcha
Subscribe

More Articles

Quick Links

Subscribe to Fast Fast Forward

  • Related Resources

Anticipation to action_Mathieu Cousin QA
Fast Fast Forward
Mathieu Cousin, who brings a wealth of cybersecurity knowledge and experience to his new role as AXA XL's Cyber Proactive Customer Service Manager, explains his new position and what cyber threats he鈥檚 watching to help AXA's cyber insurance clients prepare for what鈥檚 ahead.
Insuring the U.S. Data Center Construction Boom
Fast Fast Forward
While the need for more data centers is good news for the construction industry, especially contractors equipped to build them, there are many lingering industry risks that need to be kept in check. AXA XL's Robbie Hammett, Senior Underwriter, Property - Construction and Laura Vallerio, Senior Underwriter, Excess Casualty 鈥 Construction talk about these risks and what contractors need to keep top of mind.
Business Interrupted: Navigating the New Normal of Cyber Supply Chain Disruptions
Fast Fast Forward
The concept of cyber risk supply chain aggregation refers to the combination of multiple smaller cyber risks within a supply chain that can culminate into a significant risk. AXA XL's Senior Cyber Claims Specialist, Diane Fazzolari, talks about what businesses need to know about business interruption claims due to a cyber attack.

Global Asset Protection Services, LLC, and its affiliates (鈥溇派悠礡isk Consulting鈥) provides risk assessment reports and other loss prevention services, as requested. In this respect, our property loss prevention publications, services, and surveys do not address life safety or third party liability issues. This document shall not be construed as indicating the existence or availability under any policy of coverage for any particular type of loss or damage. The provision of any service does not imply that every possible hazard has been identified at a facility or that no other hazards exist. 九色视频Risk Consulting does not assume, and shall have no liability for the control, correction, continuation or modification of any existing conditions or operations. We specifically disclaim any warranty or representation that compliance with any advice or recommendation in any document or other communication will make a facility or operation safe or healthful, or put it in compliance with any standard, code, law, rule or regulation. Save where expressly agreed in writing, 九色视频Risk Consulting and its related and affiliated companies disclaim all liability for loss or damage suffered by any party arising out of or in connection with our services, including indirect or consequential loss or damage, howsoever arising. Any party who chooses to rely in any way on the contents of this document does so at their own risk.

US- and Canada-Issued 尤物视频Policies

In the US, the 九色视频insurance companies are: Catlin 尤物视频Company, Inc., Greenwich 尤物视频Company, Indian Harbor 尤物视频Company, XL 尤物视频America, Inc., XL Specialty 尤物视频Company and T.H.E. 尤物视频Company. In Canada, coverages are underwritten by XL Specialty 尤物视频Company - Canadian Branch and AXA 尤物视频Company - Canadian branch. Coverages may also be underwritten by Lloyd’s Syndicate #2003. Coverages underwritten by Lloyd’s Syndicate #2003 are placed on behalf of the member of Syndicate #2003 by Catlin Canada Inc. Lloyd’s ratings are independent of AXA XL.
US domiciled insurance policies can be written by the following 九色视频surplus lines insurers: XL Catlin 尤物视频Company UK Limited, Syndicates managed by Catlin Underwriting Agencies Limited and Indian Harbor 尤物视频Company. Enquires from US residents should be directed to a local insurance agent or broker permitted to write business in the relevant state.

THIS AXA WEBSITE USES COOKIES

九色视频 as a controller, uses cookies to provide its services, improve user experience, measure audience engagement, and interact with users鈥 social network accounts among others. Some of these cookies are optional and we won't set optional cookies unless you enable them by clicking the "ACCEPT ALL" button. You can disable these cookies at any time via the "How to manage your cookie settings" section in our cookie policy.

Find Out More About the Cookie Policy Privacy Notice
Accept All
Refuse All
Cookie Settings