The U.S. Supreme Court has rejected an appeal from shoe retailer Zappos to quash a class action lawsuit brought against the company from those who had their PII exposed in that firm’s 2012 data breach.
Zappos was attempting to overturn made a decision by a San Francisco-based appeals court to allow the case to continue, The Hill reported. Zappos was supported by the U.S. Chamber of Commerce and other business groups who stated the case should be disallowed because not all the customers could prove the breach caused them substantial harm.
In January 2012 hackers breached a server belonging to online retailer Zappos, now owned by Amazon, allowing them access to the personal information of more than 24 million customers. Investigators believe the hackers harvested names, email addresses, billing and shipping addresses, phone numbers and the last four digits of credit card numbers.
Legal action brought by victims of data breaches have resulted in some hefty payouts:
- In January 2019 Neiman Marcus settled a class action lawsuit for $1.5 million that was brought after the department store suffered a data breach in 2014.
- In February 2019 Wendy’s agreed to pay $50 million to settle negligence claims following its 2015-2016 data breach that affected more than 1,000 of the burger chain’s locations. Payment card data was stolen from victims who purchased food at these locations then used fraudulently at other merchants after malware was installed through a third-party vendor.
- In March2019 the drive-in fast food chain Sonic is being sued by the American Airlines Federal Credit Union for $5 million in an attempt to recoup money the credit union lost due to Sonic’s data breach in 2017.