in Newswire Published on March 11, 2019

Class Action: Stein Mart, Annex Cloud Failed to Implement Reasonable Cybersecurity Measures Before Data Breach

by Corrado Rizzi

Last Updated on March 12, 2019

View Comments

Kyle et al v. Stein Mart, Inc. et al

Filed: March 8, 2019 § 1:19cv483

Read Complaint

Stein Mart and Annex Cloud face a lawsuit over a data breach allegedly caused by the companies' failure to take "reasonable steps" toward adequate cyber security.

Defendant(s)

Stein Mart, Inc. Social Annex, Inc. Annex Cloud

Law(s)

State(s)

Delaware

Categories

Privacy Data Breach

Discount fashion apparel retailer Stein Mart and Social Annex, Inc. are on the receiving end of a proposed class action that seeks relief for consumers whose sensitive financial and personal information was exposed between December 28, 2017, and July 9, 2018; on May 19, June 1, and June 15, 2018; and between July 8 and 9, 2018. 

Social Annex, which does business as Annex Cloud, provides Stein Mart with e-commerce services that allow consumers to purchase goods online using their username and password from other websites such as Facebook and Amazon, the case says. According to the 38-page lawsuit, Stein Mart sent letters in November 2018 in which it informed proposed class members that its Annex systems had been accessed by unauthorized users who were able to capture customers’ payment card information, among other details.  

The case argues the defendants “failed to take reasonable steps to employ adequate security measures” with which they may have been able to properly detect or prevent such an incident. The data breach, the lawsuit says, was the inevitable result of the defendants’ “cavalier approach” to cybersecurity in the face of myriad, well-publicized data breaches of large corporations.

For its part, Stein Mart, the suit argues, has failed to provide affected consumers with any reasonable assistance in dealing with the data breach, whether by helping to recoup fraudulent charges on their payment cards, canceling/closing fraudulently opened accounts, or obtaining credit monitoring services.

“Rather than providing meaningful assistance to consumers to help deal with the fraud that has and will continue to result from the Data Breach, Defendants simply told them to carefully monitor their accounts,” the lawsuit says. “In contrast to what is and has been frequently made available to consumers in recent data breaches, Defendants have not offered or provided any monitoring service or fraud insurance to date.”

Case Spotlight

Hair Relaxer Lawsuits

Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.

Read more here: Hair Relaxer Cancer Lawsuits

ClassAction.org Newsletter

Stay Current

Sign Up For
Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This browser does not support PDFs. Please download the PDF to view it: Download PDF.
Open Document
Last Updated on March 12, 2019 — 3:49 PM

Corrado Rizzi

corrado@classaction.org

Corrado Rizzi is the Senior Managing Editor of ClassAction.org.

About ClassAction.org

ClassAction.org is a group of online professionals (designers, developers and writers) with years of experience in the legal industry.

Learn More

Before commenting, please review our comment policy.