Amy Brown Doolittle of Squire Patton Boggs writes:
As we have discussed here at CPW, one of the biggest challenges facing a plaintiff in a data breach class action is to establish an injury from the alleged data breach. Earlier this week, in David De Midicis v. Ally Bank & Ally Fin., Inc., 2022 U.S. Dist. LEXIS 137337 (S.D.N.Y. Aug. 2, 2022), the Southern District of New York dismissed the case for lack of Article III standing because plaintiffs had failed to allege an injury in fact from the data breach.
As alleged in the complaint, the plaintiff maintained checking, savings and securities accounts with the defendants. In April 2021, the defendants discovered a coding error which resulted in usernames and passwords for certain customers being sent to a limited group of entities with which the defendants had ongoing contractual and business relationships.
Read more at The National Law Review.