Anywhere from 100,000 to 200,000 Snapchat photos and videos were stolen and posted online this week. The whole debacle was named after M. Night Shyamalan’s natural disaster movie, The Happening, in which a chemical agent causes people to commit suicide. And like the movie, many users found the breach to be a major letdown.

Snapchat has maintained that it’s not at fault, blaming “Snapchatters” for using third-party apps like “SnapSaved” that are banned in the terms that a user agrees to when registering with the app. Critics of the company have pointed out that the majority of Snapchat’s users are between the age of 12 and 24 and not as likely to read the fine print of the terms or detect a scam, leaving the responsibility on the company to work with customers to maximize privacy.

As data and privacy breaches become more frequent, they raise the question of who is responsible for securing personal information — the user or the company.

Last holiday season’s Target data hacking is now echoed in frequent reports from supermarkets to banks of breaches that may have compromised customers’ secure information. Target’s CEO responded to the security issue by accepting responsibility and resigning. But that has become an uncommon move as companies are increasingly depicted as victims of all-too-clever hackers. Home Depot’s response to a September data breach was to inform customers to keep an eye on their accounts, even though more card numbers were stolen than when Target’s system was hacked.

But consumers aren’t buying the victim narrative. Nearly two dozen federal lawsuits have been filed against Home Depot so far claiming that the security breach could have been prevented if the company encrypted customer data stored on computers inside their stores.