Discount fashion apparel retailer Stein Mart and Social Annex, Inc. are on the receiving end of a proposed class action that seeks relief for consumers whose sensitive financial and personal information was exposed between December 28, 2017, and July 9, 2018; on May 19, June 1, and June 15, 2018; and between July 8 and 9, 2018.
Social Annex, which does business as Annex Cloud, provides Stein Mart with e-commerce services that allow consumers to purchase goods online using their username and password from other websites such as Facebook and Amazon, the case says. According to the 38-page lawsuit, Stein Mart sent letters in November 2018 in which it informed proposed class members that its Annex systems had been accessed by unauthorized users who were able to capture customers’ payment card information, among other details.
The case argues the defendants “failed to take reasonable steps to employ adequate security measures” with which they may have been able to properly detect or prevent such an incident. The data breach, the lawsuit says, was the inevitable result of the defendants’ “cavalier approach” to cybersecurity in the face of myriad, well-publicized data breaches of large corporations.
For its part, Stein Mart, the suit argues, has failed to provide affected consumers with any reasonable assistance in dealing with the data breach, whether by helping to recoup fraudulent charges on their payment cards, canceling/closing fraudulently opened accounts, or obtaining credit monitoring services.
“Rather than providing meaningful assistance to consumers to help deal with the fraud that has and will continue to result from the Data Breach, Defendants simply told them to carefully monitor their accounts,” the lawsuit says. “In contrast to what is and has been frequently made available to consumers in recent data breaches, Defendants have not offered or provided any monitoring service or fraud insurance to date.”