What sort of damages must be pleaded to survive a motion to dismiss in a data breach class action?
Recently, the Court of Appeals for the Seventh Circuit in Dieffenbach v. Barnes & Noble answered that question. In short, the court held that at the pleadings stage, damages may be just a “trifle.”
The case arose when Barnes & Noble experienced a data breach that resulted from the compromise of its point of sale system in 63 of its company stores. The data thieves acquired customers’ names, credit card numbers, expiration dates, and PIN numbers. Two Barnes & Noble customers brought a data breach class action, alleging they suffered damages arising from the data breach, specifically: (1) paying for credit-monitoring services; (2) the lost time value of their money; and (3) their own time and inconvenience in resolving problems with their financial accounts resulting from the data breach. Continue Reading