Hackers broke into a Zappos.com server last weekend, giving them access to the accounts of 24 million Zappos customers. As predicted, a class action lawsuit has been filed against the Amazon-owned company, claiming it’s responsible for the hack because it failed to protect its servers.

According to the Zappos.com class action lawsuit, Amazon and Zappos violated the Fair Credit Reporting Act (FCRA) by failing to adopt and maintain adequate procedures to protect its customers’ personal account information.

Last weekend hackers broke into an “unprotected” Zappos server in western Kentucky and stole customers’ names, account numbers, email addresses, phone numbers, billing and shipping addresses, the last four digits of their credit card numbers, and encrypted passwords.

As a result, Zappos.com customers “have suffered, and will continue to suffer” damages including the loss of their passwords, expenses for credit monitoring and identity theft insurance, out-of-pocket expenses, anxiety, emotional distress, loss of privacy, and other economic and non-economic harm, the Zappos hack class action lawsuit states.

The Zappos class action lawsuit is brought on behalf of all persons whose Zappos.com personal customers account information was stolen in the Zappos.com hack. It is seeking damages and injunctive relief requiring Zappos to pay for credit monitoring and identity theft insurance. It is also asking that Zappos be required to submit to periodic compliance audits by a third party to ensure it is properly protecting its customers’ personal account information.

A copy of the Zappos.com Server Hack Class Action Lawsuit can be read here.

The case is Theresa D. Stevens v. Amazon.com, Inc. d/b/a Zappos.com, Case No. 12-cv-32, U.S. District Court, Western District of Kentucky, Louisville Division.