Court rules against Countrywide breach plaintiffs

A U.S. district court in Kentucky has tossed a data breach lawsuit filed against Countrywide Financial by four plaintiffs who opted out of an earlier settlement.

The judge late last month dismissed the complaint because the plaintiffs were unable to prove that they were victims of identity theft and suffered financial harm as a result, according to a post by Justine Gottshall, a partner at Information Law Group.

The plaintiffs were victims of a massive insider scam in which two former employees of Countrywide, now owned by Bank of America, downloaded information on 20,000 customers once a week for two years, and then sold the identity batches to a third party for $500 a pop. An August 2010 settlement provided free credit monitoring for up to 17 million people whose personal data may have been exposed.

But four people rejected the settlement, and the proceeding lawsuit became Holmes v. Countrywide Financial Corp.

"The...plaintiffs alleged that they suffered injury from the data theft because they were forced to take measures to protect themselves from identity theft, such as enrolling in independent credit monitoring service (despite being offered free monitoring by Countrywide) and spending time researching identity theft, and forced to cancel their telephone service after being inundated with telemarketing calls," Gottshall wrote. "Plaintiffs, in essence, sought to recover based on a risk of future identity theft."

But a judge dismissed the claims because there was no actual identity theft that took place.