Login

Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Arby’s sued by credit card issuer over data breach

Reprints
Cyber Risks General liability More + Less -
Arby’s sued by credit card issuer over data breach

Fast food restaurant chain Arby’s Restaurant Group Inc. is being sued by a Visa credit card issuer in a putative class action in connection with the data breach the company announced earlier this month.

The Atlanta-based fast-food chain had announced in a statement on its website that it was “recently provided with information that prompted it to launch an investigation of its payment card systems.” According to media reports, more than about 350,000 credit and debit cards have been impacted.

The lawsuit filed by Fort Wayne, Indiana-based Midwest America Federal Credit Union, which issues Visa payment cards, says, “Despite the threat of computer system intrusion, defendant systematically failed to comply with industry standards and its statutory and common law duties to protect the payment card data of its customers.”’

The lawsuit, which was filed in U.S. District Court in Atlanta on Feb. 10, and just publicized, said the costs and financial harm caused by Arby’s’ negligent conduct include canceling and reissuing compromised cards and reimbursing their members for fraudulent charges.

“Industry sources estimate that the fraudulent charges associated with this breach at Arby’s have been more concentrated than in other recent data breaches (e.g., Target Home Depot and Wendy’s) and caused plaintiff and other members of the class to suffer much greater losses,” said the lawsuit.

The lawsuit says it is estimated the exposure window for the breach of the computer system was from Oct. 25, 2016. to Jan. 19, 2017, or almost three months, and that indications are that credit and debit card information, such as cardholder names, primary account numbers, expiration dates and in certain instances PIN numbers may have been compromised.

The lawsuit charges Arby’s with negligence and seeks declaratory and injunctive relief.
A company spokesman could not immediately be reached for comment.

Read Next

  • Data breach claims spike, especially for smaller and mid-sized firms

    U.K.-based specialty lines underwriter CFC Underwriting Ltd. says there has been a significant increase in insurance claims related to data breaches during the year, Computer Business Review reported. The company handled more than 400 claims on cyber-breach policies. Around 90% of the claims came from businesses that have less than £50 million ($62 million) in revenue, with a disproportionate number of claims being made by British firms. Privacy breaches and theft, or financial loss, were said to be the most common claims filed, followed by ransomware.

Related Stories

Most Read in Risk Management

Sign up for Daily Briefing, the free email newsletter from Business Insurance.

About

Advertise

Reprints and Licensing

Resources

. Privacy PolicyTerms of Use

COPYRIGHT © 2024 BUSINESS INSURANCE HOLDINGS

Member, Beacon International Group, Ltd.