Though a 2009 appeals court ruling that said data breach costs plaintiffs incurred in a 2007 Hannaford Bros. breach were not recoverable under Maine law was upheld in 2010, the First Circuit has reversed the decision. In the case, hackers targeted the grocer's payment system and obtained consumer credit and debit card numbers. The First Circuit ruled that it was then reasonable for the plaintiffs to purchase credit insurance or new credit cards to protect against identity theft. Maine law permits recovery for "out-of-pocket mitigation costs where it is reasonable to incur such costs," the report states. It's likely, writes Mintz Levin's Kevin McGinty for Privacy and Security Matters, that class-action data breach plaintiffs will try to capitalize on the decision.
If you want to comment on this post, you need to login.