Class Actions

Macy’s Faces Suit After Disclosing Data Breach

• Retail giant Macy’s notified its customers and state regulators of a data breach affecting the accounts of online shoppers. The breach occurred between April 26 and June 12, 2018.

• Only two days after receiving notice, online Macy’s shoppers filed a putative class action complaint in the U.S. District Court for the Northern District of Alabama against the retailer because of the breach.

• Alleging negligence and violations of Alabama’s Deceptive Trade Practices Act, the suit requests an injunction against Macy’s from its allegedly “wrongful conduct,” including “refusing to issue prompt, complete and accurate disclosures” as well as actual, compensatory and statutory damages, and statutory penalties.

Data Breaches

Social Media Service Timehop Experiences Data Breach Affecting 21 Million Users

  • Social media service Timehop, which collects and posts old content from other social media services, experienced a data breach affecting as many as 21 million users of the service.
  • According to the company’s notice, although its investigation is ongoing, the breach involved names, email addresses, gender, country codes and phone numbers. The company also explained that it has no evidence that any accounts were accessed without authorization.

States

California’s New Data Privacy Law Could Affect Half a Million Companies

  • A recent report issued by the International Association of Privacy Professionals posited that as many as 500,000 U.S. companies could be affected by the California Consumer Privacy Act of 2018 (the CCPA).
  • The report also speculates the CCPA, which makes significant changes to consumer privacy protection rights for Californians, also could significantly affect companies outside the U.S. if the law interprets “doing business in California” to apply to any business − domestic or international − that collects data about California consumers.