Yesterday, Morgan & Morgan attorneys John Yanchunis and Patrick Barthle filed a proposed class action lawsuit against Brinker International, the owner of Chili’s Grill & Bar, after Brinker acknowledged a data breach compromised the payment card information of Chili’s customers.
The lawsuit was filed in the U.S. District Court for the Middle District of Florida on behalf of three plaintiffs—Marlene Green-Cooper, Shenika Thomas, and Fred Sanders—and all other customers who made a credit or debit card purchase at an affected Chili’s location during the data breach.
“It is surprising that payment card breaches continue to be a problem at retailers,” said Yanchunis. “Consumers need to be cautious when using a debit or credit card and ask how the retailer is protecting their payment card information. They need to be vigilant and closely monitor the transactions being made with their cards to ensure that each transaction is what they authorized.”
“Consumers need to be vigilant and closely monitor the transactions being made with their cards to ensure that each transaction is what they authorized.”
In March 2018, hackers gained access to Brinker’s network and installed malware on Chili’s point-of-sale (POS) systems. The malware allowed the hackers to steal the payment information of Chili’s customers.
Approximately two months after the breach, Brinker acknowledged that customers who used payment cards for transactions at certain corporate-owned Chili’s restaurants from March through April 2018 had their customer data stolen, including credit or debit card numbers and cardholder names.
As a result of the data breach, the plaintiffs were the victims of fraudulent credit card charges, the lawsuit alleges. Unfortunately, these may not be the only repercussions from their payment information being compromised. Data breach victims are also at an increased risk of becoming victims of identity theft and fraud months or even years after their information was stolen.
Brinker, Chili’s Ignored Industry Data Breach Warning Signs
“Their approach to maintaining the privacy and security of Customer Data was lackadaisical, cavalier, reckless, or at the very least, negligent.”
POS systems are on-site devices, much like an electronic cash register, which manage consumer transactions. After a payment card is swiped, very briefly the card’s data is stored within the system’s memory. Hackers often install malware to capture this information.
P.F. Chang’s, Arby’s, Chipotle, and Wendy’s have all suffered from data breaches involving their POS systems. Despite industry warnings that arose from these highly publicized data breaches, the lawsuit alleges that Brinker failed to act in order to prevent a similar incident from affecting their customers.
The complaint states, “Brinker’s approach to maintaining the privacy and security of the Customer Data of Plaintiffs and Class members was lackadaisical, cavalier, reckless, or at the very least, negligent.”
The lawsuit claims multiple damages, including the theft of plaintiffs’ personal and financial information, future injury as a result of identity theft and potential fraud, and untimely and inadequate notification of the data breach.
Brinker Will Face Nation’s Top Data Breach Attorneys
Data breaches are an all too common occurrence, but that doesn’t mean corporations should get away with their negligence and failure to protect consumer data. Our attorneys fight on behalf of consumers to ensure that they don’t.
Just last week, attorneys John Yanchunis and Ryan McGee filed a lawsuit against SunTrust Bank over the potential data theft that compromised the private information of 1.5 million SunTrust customers. And in March, Yanchunis filed the first civil lawsuit in response to the unlawful mining of 87 million Facebook users’ private data by Cambridge Analytica. Yanchunis also currently holds leadership positions on the Equifax and Yahoo data breach cases.
If you suspect your personal data has been compromised, learn more about data breach lawsuits and how to join them.