In January 2012, the Amazon-owned online retailer Zappos suffered a major data breach that exposed personal information of about 24 million of the site’s customers, including names, addresses, passwords, and the last four digits of their credit card numbers. The fallout from large-scale data breaches is never resolved quickly, but even by those standards, the settlement that Zappos proposed this fall was a little bit shocking both in how long it took to reach and how little it offered to victims of the breach.
The settlement, which was submitted for approval to the United States District Court for the District of Nevada in September, provides a 10-percent-off code for one Zappos order per affected customer, but the discount has to be used by 11:59 Pacific time on Dec. 31, 2019, or within 60 days of being distributed to affected customers, whichever is later. The deal has already received preliminary approval and is likely to be finalized in the coming weeks. It’s an astonishing step backward in data breach settlements and a disheartening reminder of how easy it is for major companies to still walk away from data breaches with minimal consequences.
Sourced through Scoop.it from: slate.com