Microsoft has settled a class action lawsuit after being accused of leaking too much customer information on their Microsoft Store Point of Sale receipts.
The lawsuit alleges that Microsoft Store receipts contained the buyer’s name, the name of the salesperson and the first six and last four digits of his payment card number, more than half the numbers on the card. According to the 2003 US Fair and Accurate Credit Transactions Act (FACTA), retailers may only print the last five numbers of a payment card on the receipt. Retailers had till 2006 to comply with this restriction.
“Despite the clear language of the statute, Defendant willfully or knowingly chose not to comply,” the claim reads.
Microsoft noted however that the issue was due to a technical bug which only lasted one month, and was immediately addressed when brought to their attention, and that there was no evidence of harm to customers in the form of theft, harm or identity theft.
The charge was brought in the Southern Florida US District Court in 2015 and Microsoft has agreed to settle the claim for $1.19 million, with individually who made a card purchase at the Microsoft store between November 2013 and February 24 2017 able to claim up to $100 if they come forward to complain. This includes 66,000 class members. As part of the terms of the proposed settlement Microsoft is not admitting any liability, but has agreed to conduct an internal review to assess FACTA compliance at their stores.
In a statement a Microsoft spokesperson said:
“This was a technical bug that we immediately fixed when it was brought to our attention. We’re pleased this matter is resolved and are committed to protecting our customers.”
The case is Carlos Guarisma v. Microsoft Corp., case number 1:15-cv-24326, in the U.S. District Court for the Southern District of Florida.
The settlement is now awaiting approval and certification by Judge Cecilia Altonaga, and potential claimants will presumably be notified if they are due any compensation.