Mondelez Global LLC is seeking a dismissal for a lawsuit concerning a data breach at Bryan Cave Leighton Palmer LLP, a law firm they employ. The argument from Mondelez is that the workers whose data was compromised during the breach haven’t experienced a concrete injury, thus invalidating their standing to sue. The motion to dismiss the lawsuit was filed in the US District Court for the Northern District of Illinois this past Monday. This source provides the complete motion on public record.
In the wake of the cyber attack on Bryan Cave last February, Mondelez employees filed a suit after personal data from over 50,000 employees was ended up exposed. The stolen information ranged from employee dates of birth, home addresses, marital status, Social Security numbers, to even retirement and company thrift-plan data, which was specified in their breach notification letter.
It’s worthy of note that the law firm, Bryan Cave, is currently not involved in this lawsuit, however they are dealing with a related case filed by other Mondelez employees. The motion stated by Mondelez further points out that the law does not impose a legal duty on employers to protect the computer systems of their external counsel. A separation of this case is also argued on the basis of the economic loss doctrine which dismisses their tort claims.
The motion also offers a critique of other claims put forth by the plaintiffs in the would-be class action, listing a series of alleged pleading deficiencies as the reason. The initial lawsuit carries charges of negligence, negligence per se, unjust enrichment, breach of implied contract, invasion of privacy, and violations of the Illinois Consumer Fraud and Deceptive Business Practices Act.
The motion notes the plaintiffs had not alleged any harm resulting from the breach, it states,“Nine months have passed, and the plaintiffs still cannot identify a single instance of identity theft, fraud, or financial harm befalling any putative class member, much less the five named plaintiffs,”. The document also dismisses their claims of injury due to time spent monitoring their accounts and potential future costs of credit monitoring.
The plaintiffs and the proposed class are represented by Milberg Coleman Bryson Phillips Grossman PLLC and Daniel Srourian of Los Angeles, with Mondelez represented by DLA Piper LLP (US). The case is referred to as In re Mondelez Data Breach Litig.