Online stationery and craft company Minted Inc. has been hit with a CCPA class action lawsuit, stemming from a massive data breach the company disclosed in late May. The proposed class action lawsuit, filed in a California federal court, claims that Minted Inc. failed to implement “reasonable security measures” and to properly encrypt certain personal information. See Atkinson v. Minted, Inc., No. 3:20-cv-03869 (N.D. Cal. June 11, 2020). As a result, the hackers allegedly accessed the company’s database that contained customers’ names and login credentials, including unredacted and unencrypted account information. Some 73.2 million records were allegedly stolen and included passwords, names, and other information.
The Minted Inc. lawsuit is predicated on the California Consumer Privacy Act. It also asserts other causes of action, such as California’s Unfair Competition Law, negligence, breach of contract, and breach of implied contract. The putative class seeks compensatory damages, punitive damages, and penalties. The plaintiffs asked the court to certify two classes: (1) a California class predicated on the CCPA and the UCL and (2) a nationwide class, which includes those consumers to whom the CCPA and the UCL do not apply.
Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedIn