SAN JOSE (CN) - Adobe Systems' "shoddy security protocols" allowed hackers to steal credit card and log-in data from 38 million people last month - a fiasco 13 times larger than Adobe initially reported, a class action claims in Federal Court.
"The massive breach did not come as a surprise to industry experts familiar with Adobe's security practices who warned that Adobe's shoddy security protocols and track record of previous breaches made it susceptible to massive hack of the scope and depth that resulted," lead plaintiff Christian Halpain says in the lawsuit.
Adobe announced the security breach on Oct. 3, stating that hackers had stolen 3 million credit and debit card records and log-in data from an undetermined number of users, Halpain claims. She says Adobe later acknowledged that about 38 million users had been affected.
"Adobe promises its users that it will provide 'reasonable administrative, technical, and physical security controls' to protect their PII [personally identifiable information] and represents that it uses industry-leading security practices to do so, but Adobe's actual security practices are substandard in the industry and continue to result in breaches of Adobe's networks and software," according to the lawsuit.
Halpain seeks class certification and punitive damages for breach of contract, breach of faith, unfair competition and violation of the California Data Breach Act.
She is represented by Eric Gibbs, with Girard Gibbs, of San Francisco.
Read the Top 8
Sign up for the Top 8, a roundup of the day's top stories delivered directly to your inbox Monday through Friday.