Astoria Data Breach Lawsuit

Consumer Protection Attorneys in California

In late January 2021, an alleged security researcher, along with an associate, gained unauthorized access to an Astoria system which had a database of individuals’ personal information. The two individuals were able to obtain a portion of personal information maintained by the system, although the system prevented attempts to obtain further data.

Astoria became aware of the intrusion on Feb 8, 2021 and took immediate steps to secure its systems and conduct an internal forensic investigation to determine what information was accessed during the intrusion. After many months of work, Astoria was able to obtain a copy of the data obtained by the security researcher and compare it with Astoria’s records.

In an abundance of caution, Astoria is now notifying all individuals who were identified as potentially having sensitive data obtained during the incident. Additional technical details about the cyber‐ attack are currently posted at https://astoriacompany.com/cyber.

Who was affected by this incident?

The impacted information included first and last name, mailing address, email address, phone number, date of birth, social security number and/or driver’s license number and state, and in some instances employment information.


Who is Astoria? Astoria Company operates a lead exchange, connecting consumers with the products and services they seek in near‐real‐time across multiple industries. This includes processing customer information in connection with expressed interest in obtaining an auto loan, mortgage or other financial service. As a result, Astoria maintains contact details and other personal information about individuals even if they have not had direct relationships with them.

While identity thieves are becoming more sophisticated at breaking through the data protection of businesses, it is the company’s responsibility to provide the highest level of security for their consumers. This is especially true when medical information is involved. Medical information of the type lost here, is given special protection under California law.

(858) 293-4614 Call now to review your case with our Data Breach intake specialist. During this call, our intake specialist will review your claim regarding the Astoria Lawsuit. 

*HIPAA and CMIA Violation – You may be entitled to damages or other remedies. If you received notice that your information was stolen due to a data breach incident, contact Potter Handy, LLP to join our class action lawsuit. No out-of-pocket expenses from you.

View example of what the letter looks like. If you received this letter contact our Law Firm.


What Information Was Involved?

The impacted information included:

  • First and last name
  • Mailing address
  • Email address
  • Phone number
  • Date of birth
  • Social security number
  • Driver’s license number
  • Employment information

Contact Our California Data Breach Lawyers

Have you received notice that your information was stolen due to a data breach incident? If so, you may be entitled to damages or other remedies.

Every day, insurance companies and health care providers lose protected medical information through careless acts, such as emailing third parties’ medical information or sending your personal information to third parties without any encryption or protection.

Our attorneys at Potter Handy, LLP have been instrumental in protecting privacy rights.

(858) 293-4614 Call now to review your case with our Data Breach intake specialist. During this call, our intake specialist will review your claim regarding the Astoria Lawsuit.