A class action lawsuit resulting from a large data breach was recently filed against online stationery and craft company Minted Inc. The proposed class action lawsuit, filed in a California federal court, claims that Minted Inc. failed to implement “reasonable security measures” and to properly encrypt certain personal information. Hackers allegedly accessed the company’s database that contained unredacted and unencrypted customer information. Over 70 million records, including passwords, names, and other information, may have been stolen due to this breach.
Much of this case is based on Minted’s alleged failure to comply with the California Consumer Privacy Act (“CCPA”); if Minted is shown to have failed to implement “reasonable security measures” to avoid a data breach, the victims of the data breach that are California residents may be able to receive $100 to $750 per violation. With over 70 million records at stake, the CCPA penalties could be enormous. Additionally, California Attorney General can seek even higher penalties through a regulatory enforcement action.
It may take some time for Minted’s case to work its way through the system, but one thing is clear:..