Lawsuit filed against Shopify over Ledger data breachwritten by Bella Palmer
Shopify and its third-party data consultant TaskUs are being held responsible by complainants for leaking personally identifiable information of Ledger buyers
Global e-commerce platform Shopify and hardware wallet maker Ledger face a major legal hurdle as a group of Ledger users have filed a class-action lawsuit for its part in failing to prevent a massive data breach in 2020.
The suit was filed in the United States District Court of Delaware on Friday and alleges that Shopify ‘repeatedly and profoundly failed to protect its customers’ identities.’
Shopify and its third-party data consultant TaskUs are being held responsible by complainants for leaking personally identifiable information (PII) of Ledger buyers despite marketing promises assuring the full security of the Shopify platform.
The plaintiffs claim Shopify and TaskUs were aware of the data breach for over a week before notifying customers.
They are asking for the exact type of information leaked to be disclosed by Ledger and Shopify and for a monetary reward that covers actual and punitive damages.
France-based Ledger is also included as a defendant in the case for its marketing claims promising customer security. The complaint states that Ledger ‘initially denied that any compromise of PII had occurred,’ but later had to backtrack and refer to the leak and to Shopify in an email notification.
The complaint stated: Despite the repeated promises and worldwide advertising campaign touting unmatched security for its customers, Ledger—and its data processing vendors, Shopify and TaskUs—repeatedly and profoundly failed to protect its customers’ identities, causing targeted attacks on thousands of customers’ crypto-assets and causing Class members to receive far less security than they thought they had purchased with their Ledger Wallets.
As the complaint alleges, Ledger used Shopify to run its website’s online store. As a result, Shopify had direct access to the PII of customers on Ledger’s database. Shopify uses TaskUs to provide customer support services and, therefore, it also had access to Ledger’s customer data.
Hackers made off with personal information from about 272,000 Ledger users and over 1 million email subscribers to Ledger’s newsletter in 2020. A massive phishing and intimidation campaign targeting Ledger owners followed resulting in some victims losing crypto assets.
This article is for information purposes only.
Please remember that financial investments may rise or fall and past performance does not guarantee future performance in respect of income or capital growth; you may not get back the amount you invested.
There is no obligation to purchase anything but, if you decide to do so, you are strongly advised to consult a professional adviser before making any investment decisions.