AvMed breach settlement awards plaintiffs regardless of suffered fraud

Share this article:
Experts say the settlement serves as a small win for plaintiffs, and a bigger one for plaintiffs.
Experts say the settlement serves as a small win for plaintiffs, and a bigger one for plaintiffs.

A class-action suit against a breached health insurance provider has ended in a rare settlement awarding plaintiffs, regardless of proven fraud.

In 2010, Florida-based AvMed was sued after two company laptops containing personal information of 1.2 million members was stolen. After a years-long court battle, entailing a federal court in Florida dismissing the case twice, and an appeals court finally siding in 2012 with some of the claimants' allegations – a settlement was approved on Feb. 28.

Leading up to the settlement, one of the more novel arguments upheld were claims of AvMed's “unjust enrichment,” – specifically, that insurance premiums AvMed members paid to the company included an expectation for the protection of their personal information.

Last Monday, Computerworld picked up the story, bringing attention to the case's resolution.

The agreement awarded the class $3 million, which accounts for AvMed plaintiffs refunded up to $30 for “premium overpayment,” court documents said.

Under the settlement, plaintiffs are also able to recoup lost funds as a result of identity theft.

While the case represents a rare data breach settlement, not based solely on direct loss caused by the event, legal experts say plaintiffs' attorneys scored the bigger win.

On Thursday, Michael Handler, an attorney at law firm Cozen O'Connor, who advises insurance and financial companies on data breach risks, told SCMagazine.com that the settlement was “unique in that it allows the entire class within the capped amount [$3 million] to recover something, even if their data was not actually stolen – or if their data did not actually get used [by criminals].”

“It provides incentive for other lawyers to take this path – small recoveries for individual claimants that are covered by a larger fund,” Handler said.

Under the agreement, plaintiffs' attorneys received $750,000, or 25 percent of the settlement fund.

In a Thursday email to SCMagazine.com, Jason Weinstein, a partner at Steptoe & Johnson law firm, who focuses on white-collar criminal defense and privacy and data security matters, called the attorneys the “real winners.”

“The plaintiffs themselves likely will get very little,” Weinstein wrote, later adding that the “unjust enrichment” argument would likely be “copied in other data breach cases going forward.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.