Author: Tim Gutwald / Source: Miller Johnson
On August 1, the D.C. Circuit Court of Appeals joined a growing number of federal courts holding the risk of future harm is enough to allow a class action to proceed following a data breach.
Attias v. CareFirst, Inc., et al., involves a federal class action lawsuit brought by customers whose personal information was allegedly stolen as part of a cyberattack on health insurer CareFirst. The district court initially dismissed the class action, holding that alleged increased risk of future identity theft was not enough to give the plaintiffs standing to bring the class action suit. However, the D.C. Circuit held the plaintiffs alleged a substantial risk of identity theft and emphasized that a risk of future harm was enough to establish standing.
The D. C. Circuit was unconvinced by the fact that the breach did not compromise Social Security or credit card numbers. The court determined that…
Click here to read more