Amanda Fiorilla

Amanda Fiorilla

Senior Associate

Amanda Fiorilla is a Senior Associate and Vice Chair of Lowey Dannenberg’s Data Breach & Privacy Practice. As a founding member of Lowey’s Data Breach & Privacy Practice, Ms. Fiorilla is at the forefront of the ever-changing data privacy and data breach landscape. She is a fierce litigator who has obtained landmark victories on behalf of clients through her advocacy.

Notable Cases:

Data Breach:

In re Wawa Data Sec. Litig., Case No. 19-cv-06019 (GEKP) (E.D. Pa.). Ms. Fiorilla was imperative to this class action on behalf of financial institutions impacted by the breach of convenience store and gas chain Wawa’s payment card system. Plaintiffs obtained over $28 million in settlement, which remains pending for court approval. 

Barr v. Drizly, LLC, Case No. 1:20-cv-11492 (D. Mass.). Ms. Fiorilla played an integral role in obtaining over $7.1 million in a settlement to resolve claims against Drizly relating to a data breach, which Plaintiffs contended concerned personally identifiable information.

Privacy Litigation: 

Doe v. Regents of the University of California, No. 3:23-cv-00598 (N.D. Cal.). Lowey’s Privacy Team filed this action against Regents of the University of California alleging it disclosed its patients’ medical information through its incorporation and use of the Meta Pixel in violation of the California Confidentiality of Medical Information Act, among other laws. Ms. Fiorilla successfully, through briefing and oral argument, defeated Regents of the University of California’s Motion to Dismiss. This action is pending.

Doe v. GoodRx Holdings, Inc., No. 3:23-cv-00501-AMO (N.D. Cal.). Ms. Fiorilla serves as court-appointed co-lead counsel in this action against GoodRx Holdings, Inc., Criteo Corp., Meta Platforms, Inc., and Google LLC for disclosing and intercepting users’ prescription information and other health data through software development kits and web-based tracking technology incorporated in GoodRx-branded mobile applications and websites. The action is pending.

Wesch v. Yodlee, Inc., No. 3:20-cv-05991 (N.D. Cal.). Lowey’s Privacy Team defeated summary judgment in this class action against financial data aggregator Yodlee, Inc. for collecting users’ financial account data through its account-linking software in violation of several laws, including the California Anti-Phishing Act. Fact discovery remains open.

Other Cases:

Bond Rigging: Ms. Fiorilla was a key member of the team prosecuting In re GSE Bonds Antitrust Litigation, Case No. 19-cv-1704 (JSR) (S.D.N.Y.), a class action against sixteen of the world’s largest banks alleging a conspiracy to fix the prices of debt securities issued by government sponsored entities. To date, Plaintiffs have obtained over $386 million in settlements.

Benchmark Manipulation: Ms. Fiorilla plays an active role in the prosecution of Laydon, et al. v. Mizuho Bank, Ltd., et al., 12-CV-3419 (GBD) (S.D.N.Y.), a CEA class action alleging benchmark manipulation of the Tokyo Interbank Offered Rate (TIBOR) and the London Interbank Offered Rate for Japanese Yen (Yen LIBOR) by several of the world’s largest financial institutions. The court has granted final approval to more than $305 million in settlements. 

Groundbreaking Decisions:

In California, Lowey’s Privacy & Data Breach Team recently certified a class of consumers who were harmed by Google, LLC’s unlawful collection of their voice recordings through Google Assistant-enabled devices in In re Google Assistant Privacy Litigation.

In In re USAA Data Security Litigation, Lowey’s Privacy & Data Breach Team was one of the first firms in the country to defeat a motion to dismiss Drivers Privacy Protection Act claims arising out of an insurance company’s auto-populate feature that disclosed consumers’ private motor vehicle records to hackers and other unwanted third parties.

And in Pennsylvania, Lowey’s Privacy & Data Breach Team successful lawyering led to the first Pennsylvania federal court decision (In re Rutter’s Inc. Data Security Breach Litigation, Case No. 20-cv-00382 (M.D. Pa.) to recognize a company’s duty to safeguard credit and debit card information in its possession.


Prior to joining Lowey Dannenberg, Ms. Fiorilla served as a judicial extern to the Honorable Patty Shwartz of the U.S. Court of Appeals for the Third Circuit.

Ms. Fiorilla earned her J.D., magna cum laude, from Pace Law School in January 2019. During law school, Ms. Fiorilla served as Editor-in-Chief of The Pace Law Review. She was also President of the Corporate & Commercial Law Society, a Research Assistant, and Dean’s Scholar in the subjects of Property and Civil Procedure. During this time, Ms. Fiorilla also co-authored a publication on the history of public corruption statutes and the prosecution of public officials.

She received her undergraduate degree, cum laude, in Political Science from Ramapo College of New Jersey in 2015. She was President of the Philosophy Club and a member of Pi Sigma Alpha, the National Political Science Honor Society.

Recent Publications:

Christian Levis, Amanda Fiorilla & Luke Goveas, Data Breach Plaintiffs Still Face Circuit Conflict on Standing, Bloomberg Law (June 15, 2021, 4:00 AM),

Christian Levis & Amanda Fiorilla, New Jersey & Pennsylvania Hot Spots Among Recent Data Breach Targets, Lowey Dannenberg, (May 15, 2020),

Christian Levis & Amanda Fiorilla, Some Credit Unions Have Received Settlements; Should You Take Your Situation to Court?, CU Management, (Mar. 10, 2020),

Samantha Conway, David Diab, Amanda Fiorilla, & Eric Grossfeld, Primer, 38 Pace L. Rev. 688 (2018),


B.A. Ramapo College, cum laude

J.D. Pace Law School, magna cum laude

Bar/Court Admissions:

New York, New Jersey