Tamara Burns reports:
Backblaze Inc., a company specializing in computer data backup and recovery, is the subject of a proposed class action lawsuit filed last Friday. The class action lawsuit alleges Backblaze puts private customer data at risk by shipping them unencrypted external storage drives.
[….]
Plaintiff Scott Hellervik takes issue with Backblaze’s procedures for returning a large amount of information back to the user via an external recovery drive. When customers order an external storage drive, Backblaze then unencrypts the data that is loaded onto the drive, and ships it to the customer without added protection, according to Hellervik.
[….]
“By failing to encrypt customers’ personal information before mailing it (and, in fact, actively unencrypting it), Backblaze allows nefarious parties to target these packages (given the sensitive information disclosed on the shipping labels), intercept them before reaching the intended customers, and access their sensitive personal information.”
Hellervik knew how easy it was for someone else to access his personal data because that was exactly what happened to him, he alleges in his class action lawsuit. Allegedly, Backblaze somehow shipped Hellervik’s external hard drive to another Backblaze customer. That customer, in trying to find the correct owner of the hard drive, simply accessed the restore drive and sifted through Hellervik’s information to find a file that contained Hellervik’s name and number, according to the Backblaze class action lawsuit.
Read more on Top Class Actions.
The case is Hellervik v. Backblaze Inc., Case No. 3:15-cv-03956, in the U.S. District Court for California’s Northern District.