Dive Brief:
- Following its 2012 data breach of 24 million customers, online retailer Zappos proposed a reconciliation with victims in the form of a one-time, 10% discount on a Zappos.com online or mobile purchase, according to the company's settlement site.
- If customers want exemption from the settlement they "must send a letter requesting exclusion" by Nov. 29, "or else you're bound by the settlement," according to Zappos. "You may only opt out if you do not use or transfer your discount code."
- Emails sent to customers who shopped with Zappos at the time of the breach informed them that their discount is applicable until the end of the year. The email, sent with a copy of the settlement agreement attached, revealed Zappos' attorneys will earn nearly $1.6 million in fees.
Dive Insight:
Though the settlement is awaiting approval from judges of the United States District Court for the District of Nevada, Zappos' settlement attempt is bold in that it does not provide monetary payment — and requires customers to spend money.
Earlier this year, Yahoo's proposed breach settlement was rejected because the "relief" the company offered was insufficient. Yahoo was and still is offering monetary compensation to victims. Equifax's breach settlement included cash payouts to victims, valued at about $125.
Zappos, on the other hand, is offering a discount, which would require customers to give the retailer money, "not to mention you'd have to give your personal information to the company with a data breach again," commented one consumer on a public forum.
The retailer was already issued a $106,000 penalty in 2015 in a settlement with nine states pertaining to the breach. The settlement required the company to take on further security measures.
The preliminary settlement comes after an initial dismissal of the class-action lawsuit. It was reopened in March 2018. The final approval hearing is Dec. 20, according to court documents.
The Federal Trade Commission wants more authority over breach-related incidents, but the U.S. is in legislative limbo. The California Consumer Protection Act is the closest law to the European Union's GDPR, as a federal data privacy law is a distant notion.
Other companies, including Equifax, Uber, Google and Marriott International, were slapped with six- and nine-digit fines for "negligent" data breaches.