Credit Card Numbers Allegedly Exposed In Tempur Pedic Mattress Online Purchases

Consumers who purchased a Tempur Pedic mattress online before October 2016 may be the victims of a data breach.

Tempur Sealy International Inc. and former website host Aptos Inc. face a data breach class action lawsuit accusing them of failing to protect their customers’ information. Three separate website domains were affected by the alleged data breach and consumers who purchased a Tempur, Sealy, Stearns & Foster, or Tempur Pedic mattress online may have been affected.

Until October 2016, Aptos hosted and maintained Tempur Sealy’s websites and online payment system. The company provides retail enterprise management to more than 1,000 retail brands.

In February 2016, Aptos’ platform was allegedly hacked and installed with malware intended to capture payment information in the online payment system. Information compromised by the data breach included name, address, email address, telephone number, and payment information, including credit and debit card numbers.

Aptos allegedly discovered the breach in November 2016 but did not report to the authorities until December 2016. The company then allegedly waited nearly two months, until February 2017, to notify its customers, including Tempur Sealy, about the breach. Tempur Sealy allegedly waited an additional two months before notifying its consumers about the data breach in April 2017.

Consumers potentially affected by the breach include any individuals who made a Tempur Pedic online mattress purchase on TempurPedic.com, StearnsandFoster.com, or Sealy.com before October 2016.

In response to the data breach and subsequent business practices by Aptos and Tempur Sealy, a data breach class action lawsuit was filed in June 2017. The class action accuses Aptos and Tempur Sealy of improperly handling the breach and failing to alert their customers about the issue in a timely fashion.

“Had Defendants’ provided timely and accurate notice, Plaintiff and Class Members could have avoided or mitigated the harm caused by the data breach. For example, they could have contacted their banks to cancel any affected cards before fraudulent charges were made, taken security precautions in time to prevent or minimize identity theft, or could have avoided using compromised payment cards during subsequent purchases,” the class action lawsuit states.

Lead plaintiff Michelle Provost allegedly found fraudulent charges on her account days after she purchased her Tempur Pedic mattress online. According to the class action lawsuit, the charge has yet to be reimbursed. However, not all breaches of information resulted in noticeable fraud, and some victims may not be aware that their information was compromised.

Provost seeks to represent a Class of U.S. consumers whose personal information was compromised as a result of the data breach. Additionally, she seeks to represent a statewide Class of New York State consumers in a similar situation. The class action lawsuit seeks a trial by jury, damages, restitution, disgorgement, court costs, and attorneys’ fees.

Provost is represented by David Worley, James Evangelista, and Kristi Stahnke McGregor of Evangelista Worley, LLC; William Federman of Federman & Sherwood; Gary Graifman and Jay Brody of Kantrowitz, Goldhamer, & Graifman, P.C.

The Tempur Sealy Data Breach Class Action Lawsuit is Provost v. Aptos Inc Tempur Sealy International Inc., Case No. 1:17-cv-02120, in the U.S. District Court for the Northern District of Georgia.

Join a Free Tempur Sealy Data Breach Class Action Lawsuit Investigation

If you made an online purchase at TempurPedic.com, StearnsandFoster.com or Sealy.com before October 2016, you may be eligible to join this class action lawsuit investigation.

Learn More