A data breach case against Macy’s, originally filed in Massachusetts state court, has been removed to federal court. The complaint claims a data security breach took place between October 7 and October 15, 2019, during which hackers stole personal consumer information from Macy’s website. Macy’s is represented in the case by Goodwin Procter and the plaintiff, Robert Hartigan, is representing himself.
The complaint says Macy’s issued a public statement after the breach on November 14, 2019 saying they were aware of the incident. Hartigan also claimed they informed customers of possible identity theft or financial crimes advising them to be vigilant and offered identity monitoring and surveillance services within 12 months from the date on the notification letter. The complaint claims they did not follow through with this offer.
The plaintiff claims he and the rest of the class suffered emotional distress, a breach in privacy, public disclosure of private facts, and loss of time because of the negligence and breach of contract by Macy’s. Macy’s is close to settlement in a similar lawsuit in the Alabama Northern District Court from a data breach in 2018.