Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
Dickey’s Barbecue Pit repeatedly failed to keep its customers’ payment information safe, resulting in data breaches that saw more than three million of its customers’ payment card records advertised on the dark web, a new lawsuit alleges.
California resident Michael Marhefka filed the nationwide class action lawsuit against the restaurant chain Monday in the Southern District of California.
If you were affected by a data breach, you might be eligible to join or file a class action lawsuit. Lawyers are currently investigating recent data breaches nationwide and the impact that they’ve had on Americans. Click here for more information.
The lawsuit alleges Dickey’s failed to exercise reasonable care in safeguarding its customers’ information, after a 2020 report came out revealing payment card data had been stolen from its customers at more than 100 restaurant locations around the country between May 2019 and Sept. 2020.
“Gemini Advisory, a cyber intelligence firm, reported that approximately 156 of Defendant’s locations across 30 states likely had payment systems compromised by payment card-stealing malware, with the highest exposure in California and Arizona,” the lawsuit states.
The card information was posted on the dark web, according to the lawsuit, with hackers advertising that the cards were valid in 90-100 percent of cases.
The lawsuit alleges that Dickey’s was using an outdated payment system which was prone to attack. It also points out that Dickey’s had a ransomware attack in 2015, and promised to heighten cybersecurity after the incident.
“Despite its past experience with data security incidents and promises to implement state of the art data security practices, [Dickey’s] again failed to protect its customers’ [personal identifying information] with adequate data security,” the lawsuit states.
Despite the vulnerability of point of sales systems being well known in the restaurant industry, and Dickey’s past history of attack, it did not prevent the 2019/20 breach. In fact, it did not even detect the breach, the lawsuit says.
As a result, its customers have had their information exposed to criminals, the lawsuit states.
Marhefka said he visited a Pasadena Dickey’s Barbecue Pit twice in 2020 and used his payment card. Since the data breach was revealed, he has had to monitor his account and review his statements frequently for signs of misuse.
He said similar consumers of Dickey’s are likely to have had unauthorized charges on their cards, theft of personal and financial information and loss of privacy.
The lawsuit seeks to represent a nationwide Class of United States residents who made a credit or debit card purchase at any affected Dickey’s Barbecue Pit restaurant during the period of the data breach. It also seeks to represent a California subclass. Dickey’s has 483 restaurant locations in 43 states.
The barbecue chain is being sued under federal negligence laws, as well as California unfair competition and consumer privacy laws.
Marhefka is seeking certification of the Class, damages, interest, fees and costs and an enjoinment requiring Dickey’s Barbecue to implement “proper data security policies and practices.”
A data breach can expose your most confidential and sensitive information to hackers looking to use the information for nefarious purposes. Data breaches expose personal information, financial information, and even very private medical and health data.
Do you expect restaurants to keep your financial data safe from hackers? Let us know in the comments!
The plaintiffs are represented by Gayle M.Blatt, Jeremy Robinson and P. Camille Guerra of Casey Gerry Schenk Francavilla Blatt & Penfield, LLP.
The Dickey’s Barbecue Data Breach Class Action Lawsuit is Michael Marhefka et al, v. Dickey’s Barbecue Restaurants, Inc., Case No. 3:21-cv-00585-GPC-AGS, in the United States District Court Southern District of California.
Read About More Class Action Lawsuits & Class Action Settlements:
5 thoughts onDickey’s Barbecue Data Breach Leaked More Than 3M Customer Records, Lawsuit Alleges
Add me please
Please add me
Please add me
Please, add me
Add me