Login

Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Court dismisses class-action suit in data breach

Reprints
Cyber Risks Emerging Risks Technology More + Less -
data breach

A federal district court in Tucson, Arizona, agreed last week to dismiss a putative class action suit that was seeking damages in connection with a data breach, stating the plaintiff’s complaint reflects only “speculative” damages.

Tucson-based Truly Nolen of America Inc., which provides pest control services across the United States and in 30 countries worldwide, learned in May 2022 that it was the victim of a data breach that occurred between April 29, 2022, and May 11, 2022, according to Thursday’s ruling by the U.S. District Court in Crystal Gannon v. Truly Nolen of America Inc.

The information breached included personally identifiable information, such as Social Security numbers, and personal health information such as medical information and medical insurance information. The company began informing potential victims of the data breach in August 2022.

Injuries alleged by Ms. Gannon include lost time investigating issues and services relating to the data breach; the diminution of her PII and private health information; annoyance and interference; and the substantial risk of fraud. 

The company’s response to the complaint states there is no evidence any putative class members had experienced actual fraud or misuse because of the breach.

“Plaintiff’s case is without merit,” the ruling said, in dismissing it. “Negligence damages must be actual and appreciable, non-speculative and more than merely the threat of future harm.” 

It said while the plaintiff asserts damages because of out-of-pocket expenses spent on prevention, detection and recovery, she did not demonstrate that these expenses were “reasonable and necessary.

Attorneys in the case did not respond to requests for comment.

“This is a very, very conservative pro-company ruling” that will be often cited by defense attorneys, said Gerald Maatman, a partner with Duane Morris LLP in Chicago, who is not involved in the case.

The ruling contrasts with an earlier ruling last month by the 2nd U.S. Circuit Court of Appeals in New York, which overturned a lower court and held in Nancy Bohnak v. Marsh & McLennan Cos. Inc. that plaintiffs can pursue damages from data breaches even where there was no evidence the information was improperly used.

 

 

 

 

 

Most Read in Risk Management

Sign up for Daily Briefing, the free email newsletter from Business Insurance.

About

Advertise

Reprints and Licensing

Resources

. Privacy PolicyTerms of Use

COPYRIGHT © 2024 BUSINESS INSURANCE HOLDINGS

Member, Beacon International Group, Ltd.