Tom Cruise, as the head of the Pre-crime unit in the movie Minority Report, would be pleased to know that the California 9th Circuit Court of Appeals issued a ruling last Thursday that a 2012 data breach at Zappos rejected claims that the victims of the breach did not establish that they were harmed by the breach. The breach affected 24 million customers, which leaked email addresses, passwords, phone numbers, and the last four digits of their credit cards. The three judges on the panel added that the breach gave hackers the means to commit fraud or identity theft. So, while the breach victims have not yet been able to prove the breach resulted in actual harm to them, they now have the ability to move forward with their class-action lawsuit against Zappos.
This ruling creates some major precedent as there have been 4500 data breaches made public since 2005 according to a Digital Guardian article. And who knows the number of non-public or even undetected data breaches that have occurred. This gives the public a lot of companies to target in class-action lawsuits.
Since 2005, Biscom has been helping companies reduce the risk of data breaches with its Secure File Transfer solution. Biscom SFT has been used by companies to securely share confidential information, send large files, and provide detailed reports on all sharing activities. Many companies are still using email and FTP to share sensitive information which can put them in Zappo’s shoes (unintended pun). Companies should review how they communicate and whether there is potential to expose PII or other confidential information, and upgrade to a secure and easy-to-use solution like Biscom SFT.
Link to full article about Zappos breach: https://www.mediapost.com/publications/article/315744/zappos-must-face-class-action-over-data-breach-ap.html