"Walmart has become the latest big-name brand accused of violating California’s new data breach regulations.
The retail giant is the subject of a new complaint alleging that customers now face “significant injuries and damage” after an unspecified incident.
Customer names, addresses, financial and other information were among the haul for attackers, according to the suit filed in the US District Court for the Northern District of California.
“As a result of defendants’ wrongful actions and inactions, customer information was stolen. Many customers of Walmart have had their PII compromised, have had their privacy rights violated, have been exposed to the risk of fraud and identify theft and have otherwise suffered damages,” the suit alleges.
“Further, despite the fact that the accounts are available for sale on the dark web, and Walmart’s website contains multiple severe vulnerabilities through which the data was obtained, Walmart has failed whatsoever to notify its customers that their data has been stolen.”
Although it’s unknown at present how many customers were affected by the incident, the filing claims that the number of class members is “at least in the thousands.”
If the maximum damages under the California Consumer Privacy Act (CCPA) are awarded, that means $750 per customer. Walmart intends to defend the claims made against it."