Recently, Biolase, Inc. reported that an unauthorized party gained access to the company’s computer network. As a result, the company confirmed that the sensitive consumer data contained on the network was compromised. While Biolase has yet to publicly disclose the type of information involved in the breach, on May 20, 2022, the company filed official notice of the breach and sent out data breach letters to all affected parties.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Biolase data breach, please see our recent piece on the topic here.
What We Know About the Biolase Data Breach
According to the official notice provided by Biolase, the company first detected unusual activity on its computer network on December 29, 2021. In response, Biolase, Inc. retained the services of dedicated cybersecurity professionals to investigate the incident. This investigation confirmed that the unauthorized party accessed the company’s systems between December 21, 2021 and December 29, 2021.
After discovering that certain files were accessible to an unauthorized party and that they contained sensitive consumer information, Biolase conducted a review of the affected files to determine exactly what data was compromised and to whom it belonged. The company completed its review of the affected files on April 20, 2022.
Subsequently, on May 20, 2022, Biolase, Inc. mailed out data breach letters to all parties whose information was compromised as a result of the recent data security incident.
More Information About Biolase, Inc.
Biolase, Inc. is a medical device company based in Foothill Ranch, California. More specifically, the company develops, manufactures, markets, and sells laser equipment for dentists and other medical professionals. Since its inception, Biolase has sold more than 41,000 laser systems across 90 countries. Biolase was founded in 1984 and brings in roughly $35 million in annual revenue.
Do Companies Have a Legal Duty to Protect Consumer Information?
Yes, businesses and other organizations that accept and store consumer information have an obligation to safeguard that data from cybercriminals, hackers and other bad actors. Additionally, under United States data breach laws, companies can be held financially liable for the harms consumers face as a result of a data breach. Often, the harms stemming from a data breach include the costs of rectifying the damage to the consumer’s identity, as well as the increased risk of identity theft in the future. Data breach victims can also recover non-economic damages for the stress and anxiety that often come along with falling victim to identity theft and other frauds.
However, not every data breach results in a business being held financially responsible. The crux of these claims is whether the organization was negligent in how it handled the data. For example, if a business maintains a state-of-the-art data security system and hackers use new techniques to bypass the system’s protections, the business may not be liable for the breach. However, on the other hand, if a company relies on an out-of-date data security system or otherwise fails to adequately protect consumers’ information from cybercriminals, data breach victims will have an easier time holding the business accountable.
Data breach laws are notoriously complex, and anyone who recently learned they were the victim of a breach should reach out to a dedicated data breach lawyer for assistance.
