USA: Adobe faces breakthrough class action via OSINT-X Newswires

Judge Lucy H. Koh of the Northern District of California concluded - on 4 September 2014 - that plaintiffs suing Adobe Systems Inc. had standing to bring claims against Adobe arising from data breach 2013. The class action accuses of failing to protect users' private information when hackers stole millions of credit card records.

As a result of the breach, various plaintiffs whose personal information had been compromised brought actions against Adobe alleging numerous violations of California's Customer Records Act and California's Unfair Competition Law (UCL). Adobe dismissed all claims, arguing that the plaintiffs lacked standing under U.S. Supreme Court's decision in Clapper v. Amnesty International USA, 133 S. Ct. 1138 (2013).

Most other courts since the Clapper decision have dismissed similar actions for lack of standing where data breach plaintiffs have not proven actual misuse of their data or harm. Judge Koh trimmed some of the plaintiffs' claims, concluding they had failed to establish any injury traceable to Adobes failure to timely notify customers of the breach. She also stated some plaintiffs had not adequately pleaded injury under California's UCL. Nevertheless, Koh concluded the hacking itself, in which hackers obtained personal information and decrypted credit card numbers, qualified as harm.

The court gave the plaintiffs 30 days to file a second amended complaint addressing the pleading deficiencies identified in the order.