The U.S. District Court for the District of Maryland dismissed a suit against CareFirst, a health insurance provider, related to a data breach it announced in May 2015.  The data breach involved two separate incidents that allegedly compromised the confidential personal information of approximately 1.1 million individuals, including names, birth dates, email addresses, and subscriber identification numbers; however, CareFirst denied that any confidential medical records were involved.  The court found the plaintiffs lacked Article III standing to bring the case because they did not allege any actual injury or incidents of misuse of their data related to the breach.