DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

No Harm, No Lawsuit: Court Dismisses VTech Litigation

Posted on July 29, 2017 by Dissent

In November, 2015, this site noted a breach involving VTech. At the time, Motherboard reported:

The hacked data includes names, email addresses, passwords, and home addresses of 4,833,678 parents who have bought products sold by VTech, which has almost $2 billion in revenue. The dump also includes the first names, genders and birthdays of more than 200,000 kids.

What’s worse, it’s possible to link the children to their parents, exposing the kids’ full identities and where they live, according to an expert who reviewed the breach for Motherboard.

On November 30, VTech confirmed the breach but reassured consumers that the data involved would not be sufficient to engage in fraud or identity theft. The following day, the unknown hacker contacted Motherboard to tell them that VTech had also left children’s photos and chat logs between parents and children unsecured.

Two weeks later, the hacker was arrested.

In response to the breach, VTech subsequently changed their EULA to include a statement, ““You acknowledge and agree that any information you send or receive during your use of the site may not be secure and may be intercepted or later acquired by unauthorized parties.”

And also in response to the breach, some customers sued.

Richard P. Lawson of Manatt Phelps and Phillips LLP has an update on the litigation, writing, in part:

In addition to legislative inquiries, the data breach triggered consolidated litigation in Illinois federal court alleging that the company failed to employ reasonable data security to protect its customers, resulting in an increased risk of identity theft to adults as well as harm to children if predators accessed their information.

VTech moved to dismiss the action for failure to state a claim. U.S. District Court Judge Manish S. Shah granted the motion, finding that the plaintiffs were unable to establish that they suffered actual harm as a result of the breach and that their alleged injuries were too “speculative” for the lawsuit to move forward.

“Plaintiffs fail to make the connection between the data breach they allege and the identity theft they fear,” the court said. “Specifically, plaintiffs do not explain how the stolen data would be used to perpetrate identity theft.”

Read more on Lexology.

Category: Breach IncidentsBusiness SectorHackNon-U.S.

Post navigation

← WestJet says some rewards members’ profile data leaked online
TX: Scope of Cameron Co. Personal Information Breach Unknown →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.