ARCHIVED CONTENT
You are viewing ARCHIVED CONTENT released online between 1 April 2010 and 24 August 2018 or content that has been selectively archived and is no longer active. Content in this archive is NOT UPDATED, and links may not function.An extract of excellent article from Quinn Emanuel Urquhart & Sullivan, LLP
Seventh Circuit Holds That Hacked Customers Have Standing
In Remijas v. Neiman Marcus, 794 F.3d 688 (7th Cir. 2015), the Seventh Circuit held that retailers who expose their customers to a data breach can be sued even before such consumers suffer any tangible loss. Neiman learned in mid-December 2013 that a malware attack had compromised customer credit card information, leading to fraudulent charges. The plaintiffs asserted Neiman’s alleged misconduct exposed them to an increased risk of credit card fraud and identity theft in the future. They also asserted that they had lost time and money resolving the fraudulent charges and mitigating the risk of future identity theft and suffered financially because they would not have made purchases at Neiman had they known the risks involved. The district court held that the plaintiffs could not show standing because they alleged only speculative future injuries that could result from the data breach. Any allegations of impending or past harm were, the district court held, not concrete because any future loss was or would be compensated. The district court also rejected the plaintiffs’ contention that they had overpaid for goods, stating that such a holding would open the door to lawsuits against stores that failed to provide adequate physical security to customers based on an over payment theory even when they could show no physical injury.
Read the complete article at “We’ve Been Hacked!”—New Developments in Cyber-Security Litigation