Panera data breach class action overview:
- Who: A former Panera Bread employee is suing the bakery chain.
- Why: The plaintiff says tens of thousands of people had their personally identifiable information exposed in a Panera data breach.
- Where: The Panera data breach class action lawsuit was filed in a Missouri federal court.
A former employee of Panera Bread is suing the bakery chain, alleging her personally identifiable information — including Social Security number — was exposed in a cyberattack on the company.
Plaintiff Gracelyn Donovan filed the class action lawsuit against Panera LLC on June 21 in a Missouri federal court, alleging negligence.
Donovan says Panera stored sensitive information about current and former employees that was stolen in a March cyberattack on its systems. She says she believes the information, which includes passport numbers, driver’s license numbers and financial account numbers, is now in the hands of cybercriminals and will be marketed and sold.
She estimates that tens of thousands of people have been affected by the breach.
Panera was ‘reckless’ with employee data, lawsuit claims
Panera could have prevented the March 23 data breach by adequately securing and encrypting its servers, Donovan says.
Instead, she says Panera disregarded the rights of her and others by “willfully, recklessly, or negligently” failing to implement adequate measures to ensure their personally identifiable information was safeguarded.
As a result, the information kept on the Panera servers was compromised and exposed to an “undoubtedly nefarious third party that seeks to profit from this disclosure by defrauding Plaintiff and Class Members in the future,” she says.
Panera delayed informing victims, lawsuit alleges
As well as failing to protect the data, Panera was negligent in informing potential victims of the cyberattack that their data was exposed, Donovan claims.
“Not until after months it claims to have discovered the Data Breach did Defendant begin sending the Notice to persons whose [information] it confirmed was potentially compromised as a result of the Data Breach,” she claims.
This prevented victims of the breach from taking additional steps to secure their private information and bank account from cybercriminals, the lawsuit adds.
Donovan hopes to represent anyone in the United States whose personally identifiable information or private information was exposed to unauthorized third-parties as a result of the March 23 data breach.
She’s seeking certification of the class action, damages, fees, costs and a jury trial, plus an injunction forcing Panera to improve its data security practices.
Meanwhile, last month Panera announced it will stop serving its Charged Lemonade drink, which is the subject of two wrongful death lawsuits, Law360 reports. Panera declined to say if the changes are related to the two lawsuits.
Were you affected by the Panera data breach? Let us know in the comments!
The plaintiff is represented by Maureen M. Brady of McShane & Brady LLC and Kevin Laukaitis of Laukaitis Law LLC.
The Panera data breach class action lawsuit is Gracelyn Donovan v. Panera LLC, Case No. 4:24-cv-00864 in the U.S. District Court for the Eastern District of Missouri.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
3 thoughts onPanera class action alleges restaurant data breach impacts tens of thousands
Add me.
How does Panera contact those in the breach? All of my contact information I registered with them has changed, including address, phone, and email. Thank you.
add me