New Jersey District Court Considers Expansion of FCRA Liability

On July 17, 2017, a New Jersey federal district court heard oral arguments in a motion to dismiss a putative class action lawsuit alleging violations of the Fair Credit Reporting Act (“FCRA”), 15 U.S.C. § 1681a et seq. The FCRA claim in the case, In re: Horizon Healthcare Services Inc. Data Breach Litigation, case no. 2:13-cv-07418 (D.N.J.), arises from a theft suffered by Horizon Healthcare Services, a health insurance provider. The theft occurred when unknown individuals stole Horizon employees’ computers from an office building. The computers contained personal information of Horizon customers, including social security numbers and medical information, although it is unclear whether anyone’s personal information was accessed as a result of the theft. The plaintiffs in the case claim that Horizon intentionally or negligently failed to safeguard customers’ personally identifiable information from unauthorized disclosure, alleging that Horizon kept data unencrypted and otherwise handled data improperly and not in accordance with current cybersecurity best practices. FULL RELEASE