|Articles|February 21, 2018
Supreme Court Punts on CareFirst Data Breach Lawsuit
Author(s)Ryan Black
Meanwhile, Horizon Blue Cross Blue Shield of New Jersey settled another data breach case for $1 million.
Advertisement
Tucked into the “Certiorari Declined” sectioned of today’s Supreme Court
The company filed petition in November of last year after a US appeals court ruled that the company’s customers could proceed with their lawsuit, which alleges the insurer failed to properly encrypt important patient data.
Plaintiffs in the case claim to have suffered loss of intrinsic value of their personal information; violation of statutory rights under consumer protection acts; financial loss from paying for credit monitoring; and even financial loss from overpaying CareFirst for insurance, “the cost of which they maintain should have covered prophylactic measures against hacking.”
A pair of plaintiffs in the case claim they suffered tax refund fraud as a direct result of the breach, which occurred in June 2014 and resulted in over 1 million patient records being accessed. The company claimed at the time, and has continued to claim in subsequent legal filings, that no social security or credit card numbers were compromised in the cyberattack.
The case will remain in the hands of lower courts, which have had a mixed record on data breach lawsuits. In 2017, a district court
Last week, Horizon Blue Cross Blue Shield settled yet another data breach case with the New Jersey Division of Consumer Affairs for $1.1 million. The case focused on a 2008 data breach that exposed the data of nearly 690,000 customers whose information had been stored on laptops stolen from the company’s headquarters.
“Protecting the personal information of policyholders must be a top priority of every company. Customers deserve it and the law demands it,” Steve Lee, Director of the Division of Consumer Affairs,
Related Coverage:
Newsletter
Advertisement
Related Content
Advertisement
Latest CME
Advertisement
Advertisement
