Paradies Shops to pay $6.9 million for employee data leak after REvil attack - HackYourMom

21 April 2025 2 minutes Author: Newsman

Paradies Shops has agreed to pay $6.9 million in compensation after a massive data breach caused by the REvil hack in 2020 that affected the personal information of more than 76,000 employees.

A Georgia court has tentatively approved a settlement between Paradies Shops and affected employees whose personal information was stolen in an October 2020 cyberattack. The hackers accessed the company’s administrative systems for five days and took possession of files containing names, social security numbers and other sensitive information.

Although Paradies Shops only started sending the messages eight months later, which caused outrage among victims, the company rejected a plea deal but agreed to settle the dispute to avoid expensive and lengthy litigation.

The lawsuit was filed by a former employee who alleged that the company not only ignored basic data protection principles, but also concealed details of the incident — including the causes of the vulnerability. This, the plaintiffs believe, magnified the negative consequences of the attack. Paradies Shops is one of the largest airport retailers in the United States and Canada, with more than 1,000 stores. The incident occurred in 2020, when hackers from the REvil group hacked the company’s network. It was only eight months after the hack that the company reported the leak to both its own employees and relevant regulatory authorities.

The Paradies case is just one of many similar lawsuits: Retina Group of Washington recently agreed to pay $3.6 million in compensation, and in 2024 Lehigh Valley Health Network paid $65 million after a medical information leak.

This case demonstrates: protecting personal data is not only a task for IT specialists, but also a legal obligation. The company’s slow response and concealment of information about the incident became the basis for a lawsuit, and the significant compensation shows how seriously the courts have begun to take such leaks. Businesses need not only to implement protection, but also to respond promptly to incidents, otherwise they risk losing not only data, but also reputation.

Other related articles

Is the EU opening the door to piracy? Apple warns about the consequences of the DMA

According to the DMA, Apple must provide access to alternative App Stores on its devices in the EU. This has already provoked the active use of AltStore Classic, which allows you to install pirated applications, including hacked versions of Spotify or YouTube. The company warns of an increase in cyber threats due to the inability to control sideloading, but restrictions on its influence are enshrined in EU legislation.

75

Nemesis Market: a “darknet empire” with over 400,000 criminal transactions

Nemesis Market is one of the largest darknet markets, operating until March 2024, and has become a target for the FBI and international partners. The founder, Iranian Behrouz Parsarad, is accused of large-scale drug trafficking, money laundering, and creating an infrastructure for criminal cyber activity. If convicted, he faces life in prison.

101

6 Million Users at Risk

Security researchers have discovered 58 Chrome extensions with spying functionality that were used by more than 6 million users. They secretly read cookies, track behavior, change search settings, and run remote code. Some of them even had a "Featured" status in the Chrome Web Store, although they were hidden from regular searches. Users are strongly advised to immediately review their installed extensions and remove suspicious ones.

85

Found an error?

If you find an error, take a screenshot and send it to the bot.

↑