DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NJ: Court dismisses breach lawsuit against Horizon Blue Cross Blue Shield

Posted on April 6, 2015 by Dissent

In December, 2013, Horizon Blue Cross Blue Shield of New Jersey notified almost 840,000 members that their protected health information was on laptops stolen from the insurer’s Newark headquarters on November 1, 2013.

At the time, Horizon BCBS reported that the laptops were password-protected, but the data were unencrypted, and

After a detailed review with outside computer forensic experts, we have confirmed that the laptops may have contained files with differing amounts of member information, including name and demographic information (e.g., address, date of birth, Horizon BCBSNJ identification number), and in some instances, a Social Security number and/or limited clinical information. Due to the way the stolen laptops were configured, we are not certain that all of the member information contained on the laptops is accessible.

That breach was the impetus for a new law in New Jersey that requires encryption of PHI. The law went into effect January 9th.

But the breach was also the impetus for some lawsuits by aggrieved members who alleged that the breach placed them at “imminent” and “immediate” risk of harm from identity theft, medical fraud, and other woes. They sought compensation under FCRA and state laws.

On March 31, however, the court dismissed their lawsuits over the breach, holding that the plaintiffs had failed to establish standing via the “economic injury” prong. As other courts have held, this court, too, also held that simple violation of a statutory rights is not sufficient to demonstrate injury-in-fact to establish standing. Finally, citing the Third Circuit’s decision in Reilly, the court held that “allegations of hypothetical, future injury are insufficient to establish standing” because plaintiffs had “not suffered any injury” and would not sustain an injury and until these conjectures come true”.

There’s more, and you can read it all here (pdf), but you get the drift by now. Another one bites the dust over standing.

 

Related posts:

  • Horizon Blue Cross Blue Shield Pays $1.1M For Customer Data Breach
  • NJ: Horizon BCBS notifies members that perps posing as doctors stole their insurance information
  • Horizon Blue Cross Blue Shield loses round in data breach litigation
  • Command Marketing Innovations Reports Printing Error Impacting Horizon Blue Cross Blue Shield of New Jersey Members
Category: Health DataU.S.

Post navigation

← OH: Former ProMedica hospital employee indicted on criminal HIPAA and CFAA charges
OK: EyeCare of Bartlesville notifies patients after hard drive locked by malware →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.