Sears Data Breach Draws Lawsuit

A New Jersey resident has filed a $5 million class action lawsuit against the retailer charging breach of contract and a violation of the Consumer Fraud Act.

Thomas Claburn, Editor at Large, Enterprise Mobility

January 7, 2008

1 Min Read

Following revelations that Sears' site exposed customer purchase data to any online visitor who asked about it, a New Jersey resident has filed a $5 million class action lawsuit against the retailer.

In a complaint filed on Friday in Cook County, Ill., where Sears has its headquarters, plaintiff Christine Desantis alleges that the company's exposure of customer data represents a breach of contract and a violation of the Consumer Fraud Act.

The $5 million sought is to cover payments to affected consumers and attorneys, and the cost of injunctive relief; no individual is seeking more than $75,000, according to the legal filing.

The crux of the case is that Sears "failed to take reasonable steps to ensure that [consumers'] private information was secure," according to the complaint.

"Implicit in Sears's contracts is a good faith and fair dealing provision, requiring Sears to disclose whether and to what extent it makes publicly available customers' personal information and to take reasonable steps to insure that the private information of [customers] is not easily accessible by the public," the complaint states. "Not only does Sears fail to make such disclosures, it makes contrary disclosures on its Web site, listing the specific circumstances -- none of which are germane to the instant case -- under which Sears does share customer information with others."

The complaint also alleges that Sears' failure to promptly and prominently disclose the security breach on its Web site constitutes a violation of the Consumer Fraud Act, a claim that shows how much disclosure laws like California's SB 1386 have changed the expectations of corporations following a data breach.

A Sears spokesperson said the company does not comment on pending litigation.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights