Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
A California man has filed a class action lawsuit against online dating service Zoosk following a data breach in which 30 million user records were allegedly compromised.
Plaintiff Juan Flores-Mendez and others say Zoosk was hacked by a group that calls itself the “ShinyHunters.”
According to the Zoosk app class action lawsuit, the group hacked and in early May attempted to sell nearly “200 million stolen records from at least 13 companies.”
In addition to the Zoosk app, ShinyHunters’ other targets included Home Chef, Minted, Minnesota’s Star Tribune newspaper and others, according to Wired.
Someone claiming to be a ShinyHunters member told Wired in an instant message that it is “not too hard” to breach so many companies’ information.
“It’s just a way to make money, but if companies are afraid and want their database taken off the market, they can contact me for an agreement, it has been done recently and both sides were satisfied,” the group told Wired.
The class action lawsuit claims Zoosk did not contact affected customers until weeks after the breach took place.
The risk of “significant harm” to the plaintiffs and Class Members increased as the amount of time between the breach and the notification of customers grew longer, the class action lawsuit says.
In its notice to customers, Zoosk said the breach happened around Jan. 12. The database that was breached did not contain financial or credit card data.
The Zoosk app does not collect information such as Social Security number, passport numbers “or other taxation or government identity information, so none of these types of information are at issue,” the notice said.
The Zoosk dating app information stolen does include users’ names, email addresses, birth dates, gender, gender search preferences, other demographic information and possibly password information, the complaint says.
The user information uncovered in the data breach is protected under the California Consumer Privacy Act of 2018 (CCPA), which went into effect Jan. 1, 2020, the class action lawsuit says. The plaintiffs claim Zoosk failed to maintain reasonable security controls as required by the CCPA and other laws, and failed to take proper precautions against hacking and other intrusions.
The Zoosk app breach has resulted in the necessity for the plaintiffs and Class Members to constantly monitor their financial and personal records, and has caused a loss of rights, the complaint says.
The plaintiffs also say they and the Class are now at higher risk of phishing and pharming attacks.
Indeed, the data stolen by ShinyHunters doesn’t give scammers a direct route to fraud, but it does expand criminals’s options, Wired reported.
The plaintiffs do not believe Zoosk is taking the breach seriously enough.
The company has not offered customers credit monitoring or other measures beyond what is publicly available, the complaint says.
Zoosk’s notice to affected customers makes it the user’s responsibility to change their password and states the company is “providing the contact details for the national consumer reporting agencies and a reminder to remain vigilant for incidents for fraud and identity theft by reviewing account statements and monitoring credit reports,” the Zoosk app class action lawsuit states.
In addition to violating the CCPA, the Zoosk app also allegedly violated California’s Unfair Competition Law when the company established substandard security practices and procedures, by soliciting and collecting the plaintiffs’ and California Subclass Members’ personal identifying information knowing the information wouldn’t be adequately protected; and by storing that information in an “unsecure electronic environment.”
Flores-Mendez’s class action lawsuit seeks to certify a Class of individuals whose personal information was compromised in the breach, as well as a Subclass of affected California residents.
The plaintiffs seek compensatory and punitive damages; statutory or civil penalties as warranted by law; an order instructing Zoosk to provide or purchase credit monitoring services for the Class; injunctive relief directing the defendants to implement reasonable security measures to protect user information according to state and federal guidelines and industry norms; court costs and fees; and any other relief deemed appropriate by the Court.
The plaintiffs plan to seek civil penalties at a later time.
Are you a Zoosk user who thinks your personal information may have been compromised by the ShinyHunters hack? Let us know in the comments.
The plaintiff is represented by Marcus J. Bradley, Kiley L. Grombacher, Lirit A. King and Robert N. Fisher of Bradley/Grombacher LLP.
The Zoosk Dating App Data Breach Class Action Lawsuit is Juan Flores-Mendez, et al. v. Zoosk Inc., et al., Case No. 3:20-cv-04929, in the U.S. District Court for the Northern District of California.
Read About More Class Action Lawsuits & Class Action Settlements:
Walmart Class Action Lawsuit Says Customers Subjected to Data Breach
Former McDonald’s Employee Files Fingerprint Privacy Class Action Lawsuit
Exxon and PBF Energy Reach $4.4M California Wage and Hour Settlement
What Does the California Coalition Against Sexual Assault Do?
ATTORNEY ADVERTISING
Top Class Actions is a Proud Member of the American Bar Association
LEGAL INFORMATION IS NOT LEGAL ADVICE
Top Class Actions Legal Statement
©2008 – 2024 Top Class Actions® LLC
Various Trademarks held by their respective owners
This website is not intended for viewing or usage by European Union citizens.
209 thoughts onZoosk Class Action Lawsuit Says Dating App Exposed To Massive Data Breach
I can get no help from Zoosk.
After I joined Zoosk I started receiving a lot of spam, scams, fraudulent messages etc. I’ve been recently locked out of my account. I can’t even get to home page to file a complaint or phone #
My account had been hacked also and I did not get any reply from Zoosk. Please add me.
I began membership w/Zoosk since 2016 and not once did I ever receive notification any kind regarding this breach.
Please include me in this action. Thank you. LL
I began membership w/Zook since 2016 and not once did I ever receive notification any kind regarding this breach.
Please include me in this action. Thank you. LL
My account was hacked and they messaged several people under my account.
I tried to message these people to warn them, but it kept immediately deleting my response. It’s like it was someone that had access from inside the company.
I then tried adding a warning in my profile in the about me section, but I got an email from Zoosk stating that my post was denied because it violated their terms. I tried re wording the warning and was still denied.
This only allowed for more people to be tricked or hacked.
zoosk is the first account that my personal information got leaked into the dark web 2013-14 that i could see that is on my credi report
Hey add me to the class action too, I I’ve been compromised and my personal information is being used
Add me to, my info was in there also.
Yes my Zoosk site was hacked and I have had many experiences of unfavorable customer service when I have reached out to Zoosk. I have seen hackers gain access to individual accounts as well as set up hacker accounts I feel Zoosk has substandard Data Steward ship rules
Yeah I had terrible log in problems and I’m getting some dubious texts , from scammers . I have forwarded them to the aussie fraud squad .. I’m glad I removed my photos abs profile .. but like you said they have your phone number date of birth and email .. Iive been in touch with their legal team .. wanting answers