Printed from BusinessInsurance.com

Sonic settlement approved in 2017 fast food data breach

Posted On: Aug. 13, 2019 2:01 PM CST

Sonic

The U.S. District Court in Cleveland approved a $4.3 million final settlement in connection with a 2017 data breach of Sonic Corp. fast food restaurants, although it slightly reduced the amount of attorneys fees requested.

Oklahoma City-based Sonic, which was acquired by Atlanta-based Inspire Brands Inc. last year, estimates there are about 1.5 million settlement class members, according to Monday’s District Court filing in In Re: Sonic Corp. Customer Data Security Breach.

The settlement class includes those who used a debit or credit card purchase at one of 325 involved Sonic Drive-In locations between April 7, 2017 and Oct. 28, 2017.

Some class representatives alleged they had experienced unauthorized charges to their payment cards because of the breach, although each received complete reimbursement from their banks.

They also alleged they spent time dealing with issues related to their compromised credit or debit cards, and most continued to spend time checking their accounts, according to the filing.

The court did decrease the requested legal fees to $1.3 million from $1.4 million.

It cited as a factor lead counsel Oklahoma City-based Federman & Sherwood’s average billing rate of $553 an hour, when attorneys fees surveys indicate Oklahoma City-based attorneys handling class actions had a median billing rate of $300 an hour in 2016.

A Sonic spokesman and attorneys in the case could not immediately be reached for comment.

Experts say Capital One Financial Corp.’s massive data breach could have a ripple effect throughout the cyber liability insurance marketplace.