Kristin L. Bryan of Squire Patton Boggs writes:
Data breach litigations rarely make it to motions for class certification. This trend makes each decision that does come out addressing class certification in the data breach context that much more interesting. Well, last week a federal court denied a plaintiff’s motion to certify a class in the wake of an employer data breach that allegedly resulted in the disclosure of employees’ sensitive tax information and other data.
The case is McGlenn v. Driveline Retail Merch., Inc., 2021 U.S. Dist. LEXIS 9532 (C.D. Ill. Jan. 19, 2021). Bryan kindly recaps the facts for us:
… a plaintiff filed suit against her employer after the employer was the victim of a phishing attack. That attack resulted in the purported disclosure of current and former employees’ personal and tax information, including their names, addresses, zip codes, dates of birth, wages and withholding information, and Social Security numbers. Following disclosure of the data breach, the employer offered employees 12 months of credit monitoring service (some accepted the services, while others did not).
Read more about the case and why the court denied certification on The National Law Review.