The reselling platform is making headlines once again. However, the latest news regarding the company relates to a class-action lawsuit about the 2019 data breach, according to Complex.
The data breach story, originally reported by TechCrunch, mentioned that StockX knew of the data breach in May, but didn’t give a detailed notice to its users till after. In addition to that, the platform issued an email recommending its users to update passwords and emails because of a “system update.”
A class-action lawsuit under the name of a minor was issued as a result. The lawsuit states the following:
As a result of StockX’s negligent, intentional, or unconscionable failure to adequately satisfy its contractual, statutory, and common-law obligations, Plaintiff’s PII was accessed, acquired, stolen, and re-sold by thieves for the express purpose of misusing Plaintiff’s data and causing further irreparable harm to Plaintiff’s personal, financial, reputational, and future well-being.
Josh Luber, StockX’s co-founder and the public face for the company, addressed part of the data breach saga on the Complex Sneakers podcast recently.
“We didn’t have enough information to make a full disclosure, to say everything that was going on,” Luber said, “but we knew that we needed to update everyone’s passwords and lock everything down ASAP.”
Luber recently announced that he will depart from the company and has his eyes set on another start-up venture.
Despite the lawsuit, the company argues that the ability to file a class-action lawsuit is void when they agreed to StockX’s terms of service. By agreeing to the terms, users have created a legal contract obligating them to bring claims through binding and final arbitration, according to StockX.
The plaintiffs in the case are seeking monetary compensation.
StockX has until September 30 to respond to the matter. Keep it locked here at Nice Kicks as the story continues to develop.
UPDATE 12/9/21
StockX’s ongoing class-action lawsuit over its data breach in 2019 has been dismissed by the federal judge in charge of the lawsuit according to The Fashion Law.
Michigan District Judge Victoria Roberts granted the reselling platform’s motion to dismiss the class-action suit citing StockX’s terms of service, which “always included an arbitration agreement, a delegation provision, a class action waiver, and instructions for how to opt-out of the arbitration agreement.”
Before the case made its way to arbitration, two of the plaintiffs who are minors, appealed to the U.S. Court of Appeals for the Sixth Circuit, disputing that there’s no evidence whether four of the plaintiffs accepted their terms of service and further argued that the TOS can’t be enforced due to them being minors.
StockX isn’t out of the woods yet even as this case is moving to arbitration, as another lawsuit against StockX filed by Laura Esquer has not been dismissed yet due to different laws in Michigan and California, where Esquer is based.
Esquer accuses StockX of breaking California’s Consumer Records Act and Unfair Competition Law by “fail[ing] to secure and safeguard its customers’ private information, including the names, shipping addresses, email addresses, and passwords of those who created accounts on the StockX website.” She also states that StockX “knew, or should have known, that its data security measures were inadequate,” since the breach involved other e-commerce websites such as adidas.com, zappos.com, and more.
“We are pleased with the court’s decision and look forward to continuing to focus on cementing our position as a leading platform for the trading and consuming of current culture,” StockX said in a statement via Complex.
