Archives: Data Breach

Subscribe to Data Breach RSS Feed

When a Published Data Breach is a Covered Data Breach

Can an inadvertent Internet posting of a patient’s medical information trigger insurance coverage for liability stemming from a data-breach class action? The Fourth Circuit held last week that it can, and it added to the growing body of case law construing what “publication” means in the context of whether class liability is covered by commercial … Continue Reading

The Seventh Circuit Revisits Standing for Data Breach Class Actions

One obstacle for named plaintiffs in proposed data breach class actions is the extent to which plaintiffs must allege an injury-in-fact to have standing. Disputes often arise about whether proactive efforts to mitigate against the potential misuse of stolen data, such as utilizing credit monitoring services, are sufficient to confer Article III standing. Since the … Continue Reading

Banks Win Class Certification in Target Data Breach Case

A federal court recently granted class certification to a group of financial institutions (the “Banks”) in the data breach case against Target Corporation (“Target”) arising from the December 2013 hacking of its computer system, which exposed the financial information of millions of customers. In re: Target Corp. Customer Data Security Breach Litigation, MDL Case No. … Continue Reading

Breaking Down the Target Payment Card Breach Settlement – It’s Not as Groundbreaking as You’ve Been Led to Believe

Editor’s Note: The following blog post was originally published by ClassActionBlawg.com. It is republished with permission. HarrisMartin’s Data Breach Litigation Conference: The Coming of Age is scheduled for next Wednesday, March 25, 2015, at the Westin San Diego.  I’ll be speaking on a panel titled Creative Approaches to Settling Data Breach Cases with Ben Barnow of Barnow and Associates, … Continue Reading

Clapper Again Stymies Data Breach Class Action

Editor’s Note: This blog post is a joint submission with BakerHostetler’s Data Privacy Monitor blog. The U.S. Supreme Court’s decision in Clapper v. Amnesty International USA again has been relied on by a federal district court to hold that the “mere loss of data” in a data breach case does not constitute an injury sufficient to confer … Continue Reading

Data Breach Class Action Standing Post-Clapper

Our own Judy Selby has a new piece out on Law360 analyzing standing for data breach class cases after the Supreme Court’s decision in Clapper:  “No Data Misuse? No Standing For Data Breach Plaintiffs.”  Judy’s piece highlights the challenges that face data breach plaintiffs post-Clapper, but also points out that: The continued proliferation of data … Continue Reading

Once Again, Clapper Defeats Data Breach Class Action

Article III standing has once again proved to be an insurmountable hurdle for data breach class action plaintiffs whose personal information hasn’t been misused.  In Galaria v. Nationwide Mutual Insurance Co., an Ohio federal court relied on the United States Supreme Court’s decision in Clapper v. Amnesty Intern. USA, 133 S.Ct. 1138 (2013), and held … Continue Reading

California Court Finds Advertising Injury Coverage is Triggered by Medical Information Data Breach

On October 7, 2013, a federal district court in California held that the Advertising Injury coverage in a comprehensive general liability policy issued by Hartford Casualty Insurance Company (Hartford) covered two class action lawsuits arising out of the disclosure of confidential health information.  Hartford Casualty Insurance Company v. Corcino & Associates et al., CV 13-3728 … Continue Reading

Opening the Flood Gates? California Voters May Create Presumption of Harm in Privacy Breach Cases

California has moved one step closer towards amending its Constitution to create a presumption of harm whenever personal data is shared without a consumer’s express opt-in, a change that would clear a significant hurdle to many privacy breach lawsuits. On Thursday, California Secretary of State Debra Bowen approved steps necessary to bring the Personal Privacy … Continue Reading

District Court rejects supervisor liability for state employee’s motor vehicle record data breach

Co-authored by: Sammatha Clegg Editor’s Note: This post is a joint submission with BakerHostetler’s Data Privacy Monitor blog. In a recent decision, the Federal District Court of Minnesota found that state agencies were not liable in a data breach class action suit involving a rogue employee’s unauthorized viewing of personal information in drivers license records.  Kiminiski v. … Continue Reading

Class Action Plaintiffs Lack Standing under Clapper to Sue Barnes & Noble for Credit Card Data Breach

Relying heavily on the Supreme Court’s recent Clapper decision, a federal court dismissed a class action lawsuit arising out of a “skimming” data breach against Barnes & Noble (BN).  In re Barnes & Noble Pin Pad Litigation, Case # 12-cv-8617 (N.D.Ill. Sept. 3, 2013)  The plaintiffs filed suit against BN following its disclosure that “skimmers” potentially stole … Continue Reading

Another Blow to Data Breach Class Actions: Bell, et al. v. Blizzard Entertainment, Inc.

Editor’s Note: This post is a joint submission with BakerHostetler’s Data Privacy Monitor blog. On July 11, 2013, the U.S. District Court for the Central District of California dismissed a majority of the claims brought against Blizzard Entertainment, Inc. after a data breach suffered by Blizzard in 2012. In granting the motion for judgment on the pleadings, … Continue Reading

Zip Code Cases Alive and Well – Bed Bath & Beyond and Guitar Center Hit with Putative Class Actions

In March, we blogged about Tyler v. Michaels Stores, a recent Massachusetts Supreme Court ruling, holding that zip codes are personally identifiable information and disavowing data mining by zip code. That decision threatened and continues to threaten to bring forth a deluge of data mining litigation against retailers in Massachusetts, much like Pineda v. Williams-Sonoma … Continue Reading

Clapper and Data Breach Litigation

In Clapper v. Amnesty International USA,  133 S. Ct. 1138 (2013), the Supreme Court recently held that individuals claiming injury from the federal government’s right to conduct electronic surveillance under the Foreign Intelligence Surveillance Act (FISA),  50 U.S.C. § 1881a, lacked standing to pursue their claims.  In reaching its holding, the Court made statements that should … Continue Reading

South Korea Opens the Door for Unintentional Data Breach Collective Actions

This is a cross blog post with BakerHostetler’s data privacy blog.  For the latest in developments in data privacy, visit dataprivacymonitor.com. For a multi-jurisdictional summary of key requirements of international data privacy laws, see BakerHostetler’s  International Compendium of Data Privacy Laws. On February 15, 2013, the Seoul Western District Court in South Korea issued a … Continue Reading

Blood Bank Data Breach Class Action Settlement Preliminarily Approved by California District Court Judge

In Johansson-Dohrmann v. CBR Systems, Inc. et al, No. 3:12-cv-01115 (S.D. Cal., filed May 7, 2012), the latest data privacy class action to reach settlement, Judge Michael M. Anello on February 5, 2013 granted preliminary approval of a proposed class settlement in a federal class action suit brought by a client of a blood bank … Continue Reading

Call Centers Increasingly Targeted in Class Action Lawsuits for Statutory Penalties Under Decades-Old California Law

Editor’s Note – This article is a joint submission to the Baker Hostetler Class Action Lawsuit Defense Blog and Data Privacy Monitor. Be sure to check out the Data Privacy Monitor for the latest news, trends, and analysis on data privacy issues.  Companies that provide call center services to consumers are increasingly being targeted in class action … Continue Reading

Courts Preliminarily Approve Settlements in Netflix and Blockbuster Video Privacy and Protection Act Class Actions

Editor’s Note – This article is a joint submission to the Baker Hostetler Class Action Lawsuit Defense Blog and Data Privacy Monitor. Be sure to check out the Data Privacy Monitor for the latest news, trends, and analysis on data privacy issues.  Two Federal District Courts recently approved settlements in two significant class actions brought … Continue Reading

Data Breach Class Action Against Google Allowed to Proceed Under Stored Communications Act

In most consumer fraud and other class actions, the decisive point in the litigation is often the class certification battle, where the stakes are high as the costs to a company in terms of money and reputation are on the line.  Before ever getting to the class certification stage, defendants typically try to knock the claims … Continue Reading

Data Breach Class Actions on The Rise

A recent Ninth Circuit decision will allow a class action brought under California’s Song-Beverly Credit Card Act (Song-Beverly Act) against Louis Vuitton to proceed in federal court.  In Morey v. Louis Vuitton North America, Inc., No. 11-56916, 2011 WL 6256963 (9th Cir. Dec. 15, 2011), Plaintiff filed a putative class action against Louis Vuitton for … Continue Reading
LexBlog