Court Expands Standing for Plaintiffs to Pursue Data Breach Claims

Court Expands Standing for Plaintiffs to Pursue Data Breach Claims

Aug 14, 2017

Client Alert

Brownstein Client Alert, August 14, 2017

On August 1, 2017, the D.C. Circuit handed down its decision in the data breach class action Attias v. CareFirst. In doing so, it became the latest federal appellate court to recognize that individual victims of a breach have standing to bring claims based on the risk of future harm that they may suffer. Importantly, in reaching this conclusion, the three-judge panel unanimously emphasized that the breach—which compromised plaintiffs’ social security and credit card numbers—could create a “substantial risk” of injury, thereby determining that the plaintiffs could proceed with their case beyond the pleading stage. By overturning a lower court decision to dismiss the case and allowing the plaintiffs to proceed with their claims, CareFirst builds on multi-circuit precedent establishing the viability of civil suits stemming from data breaches. Companies should be aware of this precedent and prepare themselves as a growing number of courts demonstrate a willingness to open the door to civil liability following a cyber incident.

Click on PDF above to read entire article.

Meet The Team

Tracy L. Lechner Shareholder T 303.223.1274 tlechner@bhfs.com
Esteban M. Morin Associate T 303.223.1275 emorin@bhfs.com
Ian V. O'Neill Shareholder T 303.223.1210 ioneill@bhfs.com
Jonathan C. Sandler Shareholder T 310.564.8672 jsandler@bhfs.com