Federal Court Denies Motion to Dismiss in Data Breach Class Action Against Summit Pathology Laboratories
March 12, 2026 – Federman & Sherwood, a national law firm focusing on consumer protection and data privacy litigation, announces that the United States District Court for the District of Colorado issued an order largely denying a motion to dismiss filed by Defendant Summit Pathology Laboratories, Inc. in a consolidated data breach class action.
The case, Alexander, et al. v. Summit Pathology Laboratories, Inc., arises from a cybersecurity incident affecting sensitive patient information maintained by the laboratory. In an order issued on March 9, 2026, the Court granted the defendant’s motion in part and denied it in part, allowing several key claims to proceed.
Importantly, the Court rejected the defendant’s arguments that the plaintiffs lacked standing and found that the plaintiffs sufficiently alleged injuries related to the breach, including time and effort spent mitigating potential misuse of their personal information and increased exposure to fraud and spam communications.
The Court also held that plaintiffs adequately alleged negligence and negligence per se claims and determined that harms resulting from the theft of sensitive personal and medical information were foreseeable in the healthcare context.
This ruling is significant because it confirms that, at the pleading stage, individuals affected by a data breach can establish standing and proceed with claims where misuse of information and mitigation efforts are plausibly alleged. The decision also reinforces the duty of entities that collect and store sensitive personal and medical data to implement reasonable cybersecurity safeguards.
Federman & Sherwood is pleased with the Court’s ruling and will continue to vigorously pursue the claims on behalf of affected individuals