Numerous high-profile data breaches have been in the news, and with good reason, as civilians have found themselves getting a raw deal with regards to private information being exposed. One rather egregious case relates to a current class-action lawsuit filed against the online shoe megastore Zappos (which is now a subsidiary of Amazon). Back in 2012, the company experienced a massive data breach that threatened 24 million customers as investigators determined a great deal of data was exposed (addresses, banking information, etc.). Zappos argued to the contrary, but this did not sway angered customers from filing a class-action lawsuit against the company for failing to protect them.
As The Hill reports, Zappos filed an appeal to block the lawsuit from continuing on grounds that “The factual scenario this case presents — a database holding customers’ personal information is accessed, but virtually no identity theft or fraud results — is an increasingly common one.” It is not surprising, but no less reprehensible, that the company blames its consumer base for supposedly failing to prove harm. This still does not, however, exonerate the company from blame in having faulty InfoSec protocols and it is clear that this was merely a ploy to save money and save face in a PR nightmare.
The U.S. Supreme Court seems to agree as they have just blocked the appeal, which allows the class-action lawsuit to continue. In the words of The Hill report on the matter, the decision “flew in the face of business groups who argued the lawsuit should be dismissed because customers could not prove substantial harm.”
As stated before, this is not the first high-profile data breach, and it will most certainly not be the last. E-commerce especially is coming under fire from increasing cyberattack attempts. For this reason the InfoSec community as a whole must pressure corporations to improve their cyber-defenses. No matter what it takes, the general population should not have to live in fear of their personal data being stolen thanks to flimsy security.
Photo credit: Flickr / Erica Joy