A panel of the Seventh Circuit Court of Appeals (Wood, C.J., Kanne, J. and Tinder, J.) has reversed the dismissal of a data security breach class action lawsuit against luxury department store Neiman Marcus.
This lawsuit stemmed from a hacking incident in which “350,000 cards were potentially exposed; and 9,200 of those 350,000 cards were known to have been used fraudulently.” The company provided notices to consumers and a year of free credit monitoring. A number of class action lawsuits were brought by consumers, consolidated into the lawsuit Hilary Remijas v. Neiman Marcus Group, LLC. “The plaintiffs point to several kinds of injury they have suffered: 1) lost time and money resolving the fraudulent charges, 2) lost time and money protecting themselves against future identity theft, 3) the financial loss of buying items at Neiman Marcus that they would not have purchased had they known of the store’s careless approach to cybersecurity, and 4) lost control over the value of their personal information.”
The trial court dismissed the case for lack of Article III standing under Rule 12(b)(1) and declined to rule on defendant’s Rule 12(b)(6) argument. The Seventh Circuit found that at least some of plaintiffs’ alleged injuries passed Constitutional muster, even under the standards set forth in cases like Clapper v. Amnesty International USA.
Continue Reading Seventh Circuit Revives Data Security Breach Class Action Against Neiman Marcus: Finds Article III Standing In Class Expenses “Resolving Fraudulent Charges and Protecting…Against Future Identity Theft.”