Court rules for Coca-Cola identity theft victim on stolen laptopsReprints
A Coca-Cola employee who was the victim of identity theft after company laptops were stolen did suffer actual harm as a result, and can pursue a putative class action lawsuit against the company, says a Pennsylvania federal court.
Shane K. Enslin began working for a company that was eventually acquired by the Atlanta-based Coca-Cola Co. in 1996, according to the ruling by the U.S. District Court in Allentown, Pennsylvania, in Shane K. Enslin v. The Coca-Cola Company et al.
Mr. Enslin was required to provide the company with personal identification information including his social security number, address, bank account information, credit card numbers, driver's license information and motor vehicle records, according to the ruling.
Over nearly a six-year period beginning In January 2007 and continuing through November 2013, about 55 company laptops containing information on more than 74,000 people, including Mr. Enslin were stolen, according to the ruling.
By December 2013, all 55 laptops were recovered, and an employee who was responsible for retaining or destroying the laptops, was arrested and charged with felony and misdemeanor theft, according to the ruling.
In February 2014, Mr. Enslin received a letter from the company informing him of the theft and offering him one year of credit monitoring.
A few months later, Mr. Enslin began to experience identity theft, including the unauthorized purchase of thousands of dollars of merchandise on his credit cards and attempts to have his address changed. In July 2014, an identity thief was able to obtain a job using his name.
Mr. Enslin filed suit on behalf of himself and others similarly situated on charges including breach of express contract, among others.
While a number of Mr. Enslin's individual charges were dismissed, Judge Joseph F. Leeson Jr. held he had standing to file suit against the company based on the harm he suffered and that a connection could be drawn between the identity theft and the laptops' theft.
Although the defendents argue that Mr. Enslin's charges are founded on “future harm” rather than any “injury in fact,” the harms allegedly suffered by Mr. Enslin are “ongoing, present, distinct, and palpable,” said Judge Leeds in his Sept. 29 ruling, which was just publicized.
There is also a causal relationship between Mr. Enslin's injuries and the defendants' alleged conduct, said Judge Leeson. “Although seven years passed between plaintiff's employment and the misuse of his information, the chain linking the loss of plaintiff's (social security number), credit cards and banking information, and the subsequent identity attacks plaintiffs suffered is plausible,” said the ruling.
A pre-trial conference in the case is set for Nov.12.
In March, a U.S. District Court judge in Newark, New Jersey dismissed putative class action litigation filed against Horizon Blue Cross and Blue Shield in connection with two stolen laptops, stating the plaintiffs cannot prove they suffered any damage from the theft.