Magazine article Information Management

Court: Data Breach Harmful Even without Identity Theft

Magazine article Information Management

Court: Data Breach Harmful Even without Identity Theft

Article excerpt

[ILLUSTRATION OMITTED]

The U.S. Seventh Circuit Court of Appeals ruled in July that customers affected by a data breach are likely to be injured even if they don't experience identity theft or other fraud.

In Hilary Remijas, et al v Neiman Marcus Group LLC, the court ruled against Neiman Marcus after a large data breach spurred a class-action lawsuit, which the court has allowed to proceed.

"Customers should not have to wait until hackers commit identity theft or credit card fraud in order to give the class standing, because there is an 'objectively reasonable likelihood' that such an injury will occur," Judge Diane Wood wrote in the ruling.

In 2013, hackers attacked Neiman Marcus and stole customers' credit card numbers. In December 2013, the retailer learned that some of its customers had discovered fraudulent charges on their cards. Between July 16, 2013, and October 30, 2013, about 350,000 cards had been exposed to the hackers' malware. But Neiman Marcus didn't announce the cyber-attack until January 2014.

Karen Katz, Neiman Marcus Group CEO, said that of the 350,000 cards that may have been breached, only about 9,200 were subsequently used fraudulently. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.