AvMed data breach case opens door for ID theft claims

Share this article:

A recent federal appeals court ruling may narrow the burden for plaintiffs to prove that they are victims of identity theft as result of a data breach.

Plaintiffs Juana Curry and William Moore alleged in a class-action lawsuit filed in 2010 that they sustained ID theft following an incident the year prior in which two unencrypted laptops, containing the personal information of 1.2 million customers, were stolen from Florida health insurer AvMed. (The victim total initially was much lower, but later revised by the company).

In August 2011, a U.S. District Court judge dismissed the case after concluding that the plaintiffs were unable to represent "injury" as a result of the laptop thefts.

But earlier this month, the 11th U.S. Circuit Court of Appeals, in a 2-1 decision (PDF), ruled that the plaintiffs were "explicitly" able to prove a link between the breach and ID theft they incurred.

The plaintiffs contended that roughly a year after the incident, bank and brokerage accounts were opened in their names, resulting in unauthorized charges and transactions. They were forced to spend money to place fraud alerts and purchase identity theft protection services, among other costs.

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Florida Supreme Court rules warrants a must for real-time cell location tracking

Florida Supreme Court rules warrants a must for ...

The Florida Supreme Court put the kibosh on warrantless real-time tracking using location data obtained from cell phone providers.

Modular malware for OS X includes backdoor, keylogger components

Modular malware for OS X includes backdoor, keylogger ...

The modular malware was named "Ventir," by researchers at Kaspersky.

Fake Dropbox login page nabs credentials, is hosted on Dropbox

Fake Dropbox login page nabs credentials, is hosted ...

Symantec researchers received a phishing email linking recipients to a fake Dropbox login page that is hosted on Dropbox's user content domain and served over SSL.