Settlement reached in StockX data breach class action

Users of hacked sneaker trading platform may be reimbursed up to $130,000 each

Settlement reached in StockX data breach class action

A proposed Canada-wide settlement has been reached in a class action related to the data breach incident suffered by the online sneaker marketplace StockX.

On May 14, 2019, an unknown third party gained unauthorized access to StockX’s cloud environment, compromising certain customer data. TechCrunch reported that a data breach seller claimed that over 6.8 million records were stolen from StockX; the stolen records included information such as names, email addresses, encrypted user passwords, shoe size, and trading currency. The data alarmingly also included the user’s device type (Android or iPhone), as well as the software version.

Three years after the breach, on May 02, 2022, the Superior Court of Quebec authorized a class action for settlement purposes only.

A release from Lex Group Attorneys in Quebec – representatives of the settlement class members – said that class members include anyone who lives in Canada and is registered for a StockX user account prior to May 14, 2019.

The settlement will provide an 18-month subscription with TransUnion for credit monitoring services, free of charge. Any substantiated and documented monetary claims totalling up to an aggregate cap of $130,000 for approved claims may also be reimbursed to settlement class members who can provide proof of out-of-pocket costs or unreimbursed expenses caused by or incurred as a result of the data breach.

A release from Lex Group said that the hearing over the settlement approval takes place today, July 05, 2022, at the Montreal Courthouse. Class members are not required to attend the hearing.

Read more: Desjardins sees massive settlement deal given green light

StockX is not the only company forced to face the music following a major data breach. A $200.9 million class action settlement was also recently approved, related to the 2019 data breach incident which affected financial services cooperative Desjardins. The breach led to the data leak of 4.2 million cooperative members, including the information of former Desjardins president Claude Béland.