Duqum, et al. v. Scottrade, Inc., No. 4:15-cv-1537-SPM (E.D. Mo. July 12, 2016)

A Missouri federal magistrate judge dismissed, for lack of standing, a class action suit against Scottrade for claims stemming from data hacks. In February 2016, several Scottrade customers filed a class action against the company after it was revealed that personal information of over 4.6 million clients was stolen from the company's servers between September 2013 and February 2014. While plaintiffs alleged that they had suffered injuries as a result of the data breaches, including increased risk of identity theft and identity fraud, costs of monitoring and mitigating against the data theft, and failure to receive the full value of the bargained-for services, the court held that plaintiffs failed to meet the injury-in-fact requirement of Article III of the Constitution. The court held that the increased risk of future harm of identity theft from an information breach alone did not constitute an injury in fact, distinguishing cases in which customers' personal confidential information was stolen and later used for fraudulent purchases. Here, the information had not been used for two years following the hack. The court also rejected the argument that plaintiffs' personal information had suffered a deprivation of value as "insufficient to demonstrate an injury in fact." View the decision. (Read our discussion of Spokeo in Consumer Fraud Class Action Developments.)

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.