That Didn't Take Long At All: Sears Sued For Data Breach
from the $5-million,-please dept
Well that didn't take very long at all. Late last week, it was revealed that Sears.com was revealing past purchases to anyone who knew your name, address and phone number -- a violation of Sears' own privacy policy. And, by Monday, we have a $5 million class action lawsuit against Sears. While I do think Sears made a huge mistake here, the class action lawsuit seems a bit extreme. There's no evidence that anyone was actually hurt by this -- and while it was a dumb move by Sears, it's not difficult to understand how it likely came about. Chances are Sears will settle this quickly just to get it out of the news, but really the only winners will be (as per usual) the lawyers.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: class action, data breach, privacy
Companies: sears
Reader Comments
Subscribe: RSS
View by: Time | Thread
well..
in order to protect the identity of others, Sears should have fixed that the moment it was found.
they didn't, they had over a week to fix it, they didn't, so they have to take it up the rear for their mistakes
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Frankly, Mr. Lamper needs to go down. As a former Sears employee, I would like to see nothing more than that moron's world come crashing down around him.
[ link to this | view in chronology ]
Look at That! New HDTV!
Hmm, let me see...
Stanley & Vivian Thusandsuch just bought a 65" Samsung...
I have their address...
How long would it take a "mildly-crafty" thief to pull that one off?
[ link to this | view in chronology ]
Re: Look at That! New HDTV!
[ link to this | view in chronology ]
Re: Re: Look at That! New HDTV!
[ link to this | view in chronology ]
Re: Look at That! New HDTV!
I see it all the time oh the guy living at # 33 on such & such a street just got a brand new Laser printer... chances are there is a computer too. Your shopping habits are far from secret I only have to follow you home from the big-box store to know where you take that HDTV.
[ link to this | view in chronology ]
Class Action Suit?
The stupid lawyer who is filing this is going to keep at least half for "legal fee" bull .. poo.
Lawyers are ruining us, one frivolous lawsuit at a time.
Doesn't class action lawsuits need people that were hurt by something to be filed?
How can the lawyer prove all the people that were affected and get them to join to make this an actual case?
Did he just sit there plugging in names from a phone book until he had enough?
Its just a lawyer money grab.
[ link to this | view in chronology ]
Re: Class Action Suit?
While I do agree with you that we're being ruined by an excess of lawyers who need to make work for themselves, this is a case where the privacy-apathetic company needs to be slapped down for a) putting something like that up for public use without thinking it through first and then b) failing to fix or remove it immediately once a leak of private information was identified. Is a class-action suit the best way to do so? Maybe, maybe not. I don't know. But just ignoring it and hoping they'll eventually get around to plugging up the holes would not have accomplished anything.
[ link to this | view in chronology ]
Cut 'em Some Slack
When members of the National Guard from a number of states were called to serve in Iraq, the deployment disrupted a whole lot of families. Many of the men and women called to duty are married and have settled into their lives. Families of Sears employees who were called up continued to receive the regular paycheck of the family member who was called. To me, that's the right thing to do and I will always support this business, if for no other reason than to thank them for their patriotism.
[ link to this | view in chronology ]
Re: Cut 'em Some Slack
[ link to this | view in chronology ]
[ link to this | view in chronology ]
it doesn't matter than nobody got hurt
The officers and directors at Sears need at least 90 days in Joe Arpaio's jail for this. Maybe $1Billion is an adequate fine.
There is absolutely no excuse for this. None!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: It doesn't matter that nobody got hurt
I concur. To borrow a line from "American Treasure", Somebody's got to go to prison. If not for this, then for the spyware that they're peddling.
Until Cxx-level executives are held personally responsible for this kind of nonsense, it will continue. Nobody will lose their job. Nobody will lose their golden parachute. Nobody will lose anything -- except the victims, who have already lost anyway.
So yeah, I recognize that the lawyers bringing this suit may ultimately turn out to be the only people who benefit from it. I'm fine with that, as long as it inflicts serious pain on Sears. My disappointment is really (a) the amount is 100X too small and (b) it's a civil action, so none of the Sears executives will shortly be calling an 8x8 box "home".
[ link to this | view in chronology ]
Meanwhile other companies (and the government, in Ohio I believe it was) leak credit card information and social security numbers and don't even get fined.
Yea, this isn't a money grab at all.
[ link to this | view in chronology ]
Good! Let the lawsuit begin!
I despise it when companies do this. There was NO REASON for Sears to even want this data, let alone the politeness of just asking if it were okay to capture it.
With T&Cs getting so verbose anymore, it has just become second nature to say "No" to everything, even if it means not ordering anything.
In this day of identity theft, NO personal information should be taken without permission regardless how "safe" it may seem.
For the poster who made the comment about YellowPages, sure, go get my information that way.
Oh, wait. You can't. I don't publish my information.
Had I signed up to Sears' smoke and mirror tactics of "community", I would have been boned with even more mailbox junk at the least.
Now, if someone can start a "war" on why, all of a sudden, Verizon is allowing unsolicited text ads and making consumers pay for them.
I had to stop all texting features because of it!
DOWN WITH ADVERTISING!
[ link to this | view in chronology ]
Wipe it please!
To get access and provide an infrastructure to this data is not trivial even without addressing security issues, which as this blunder illustrates were probably never considered.
Screw Sears and any company that abuses the legal vacuum that is privacy. Me, I don't think it should be legal for companies to retain personal information, at all without written content, renewed even 6 months.
[ link to this | view in chronology ]
Loser Lawsuits
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
RE: Wipe it please
[ link to this | view in chronology ]
RE: Wipe it please
[ link to this | view in chronology ]
[ link to this | view in chronology ]
customer information
of employees and former employees with this information
[ link to this | view in chronology ]