Supreme Court Denies Zappos’ Request To Throw Out Class-Action Suit

Court Denies Zappos’ Request To Throw Out Suit

The United States Supreme Court has rejected an appeal by online shoe company Zappos over a data breach in 2012 that compromised the information of 24 million customers, according to a report from Reuters.

Zappos, which is a subsidiary of Amazon, was appealing the decision by a California-based federal appeals court to bring back the lawsuit. Originally, a Nevada judge claimed only people who had suffered financial loss were eligible for damages.

The crux of the case is whether people whose data was stolen can bring a lawsuit against a company even if the data was not used by any other companies or criminals for things like identity theft or fake charges.

Zappos’ argument is that because customers weren’t harmed by the data breach, a federal lawsuit should not be warranted. Customers argue that stolen information can be used for a long time after it is stolen, and that it could be years before it is even noticed.

The hack occurred in January of 2012 when perpetrators got access to Zappos’ servers and stole names, contact details and segments of credit card numbers.

Zappos customers who bought shoes and other merchandise said the company did not properly encrypt its servers, which allowed for the breach. Zappos said it responded quickly to reset passwords so that no extensive harm was done.

The 9th U.S. Circuit Court of Appeals overturned the Nevada judge’s ruling last year, saying “hackers accessed information that could be used to help commit identity fraud or identity theft.”

That court said Zappos customers can sue if they show there is a future risk of impending harm. The company fought back, saying the standard was “manifestly insufficient,” and asked the Supreme Court to reverse the decision.

Zappos, which is backed by the U.S. Chamber of Commerce, said data breaches are increasingly common in the digital age, and that the court should protect businesses from “sprawling and costly litigation.”



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.