Data breach putative class action against Zappos dismissed for lack of standing because Plaintiffs did not allege they had suffer any harm

On June 1, 2015, the District Court of Nevada dismissed without prejudice for lack of standing a putative class action brought by data subjects whose personal information were stolen against Zappos.

Zappos was targUnknown-1eted by hackers and the personal identifying information of approximately 24 million of its customers were stolen. Shortly thereafter, a number of lawsuits were filed against Zappos by customers. The different actions were consolidated before the District Court of Nevada and Zappos moved for dismissal for lack of standing.

According to Zappos, Plaintiffs did not alleged any actual damages arising from the data breach. On the other side, Plaintiffs contended that (i) their injury stemmed from an increased risk that they will become victims of identity theft, and that (ii) the intrinsic value of their data was damaged.

The District Court granted Zappos’ motion to dismiss without prejudice. In its discussion, the Court noted that none of the Plaintiffs alleged that they had actually suffered any harm. Moreover, only some of the Plaintiffs took additional steps of purchasing credit monitoring services to protect against the allegedly increased threat of fraud.

In addition, the Court found that Plaintiffs’ personal information value did not decrease, nor did they allege any facts explaining how their personal information became less valuable as a result of the breach.

The Court considered that three years have already passed from the security breach without injuries and it found that Plaintiffs did not allege a threat of future harm sufficiently imminent to justify their holding.

In re Zappos.com, Inc., Customer Data Sec. Breach Litig., No. 12-00325 (D. Nev. June 1, 2015) is available at http://classifiedclassaction.com…             Open pdf

For more information, contact Francesca Giannoni-Crystal

Follow us on& Like us on