Top Menu

Jimmy John’s Data Breach Prompts Class Action Claims

An Arizona resident has filed a putative class action in an Illinois federal court claiming that Jimmy John’s Franchise, LLC failed to secure its customers’ personal and financial data, which were purportedly accessed through the company’s point-of-sale systems at some 216 restaurant locations, between June and September 2014. Irwin v. Jimmy John’s Franchise, LLC, No. 14-2275 (C.D. Ill., filed November 6, 2014). While the named plaintiff alleges that access to her credit card information led to “five fraudulent charges to the credit card that she used during the aforesaid transactions at Jimmy John’s,” she seeks to represent 39 separate statewide classes and a District of Columbia class of all those who used a debit or credit card at Jimmy John’s during the data breach regardless of whether they actually experienced a loss or identity theft.

The plaintiff alleges that Jimmy John’s failed to promptly discover and block the data breach, relied on a “grossly inadequate information system[] and security oversight,” and failed to promptly and adequately inform its customers about the data breach thus placing class members “at serious risk of ongoing financial loss and identity theft.” According to the complaint, the company collects and stores information relating to credit and debit cards, including the account number, expiration date, card verification value, and personal identification number for debit cards. It also allegedly “collects and stores customer names, mailing addresses, phone numbers, and email addresses.” The plaintiff further contends, “While the Company’s collection of customer information may itself be legal, by collecting and storing such extensive and detailed customer information, the Company creates an obligation for itself to use every means available to it to protect this information from falling into the hands of identity thieves and other criminals.”

Alleging violations of state data breach statutes, breach of implied contract,bailment, unjust enrichment, as well as violations of the Arizona and Illinois consumer fraud laws, the plaintiff seeks an order “requiring Defendants to pay for three years of credit card fraud monitoring services” and other injunctive relief; actual, statutory and punitive damages; restitution; disgorgement; interest; attorney’s fees; costs; and the establishment of a “fluid recovery fund for the distribution of unclaimed funds.”

 

Issue 545

About The Author

For decades, manufacturers, distributors and retailers at every link in the food chain have come to Shook, Hardy & Bacon to partner with a legal team that understands the issues they face in today's evolving food production industry. Shook attorneys work with some of the world's largest food, beverage and agribusiness companies to establish preventative measures, conduct internal audits, develop public relations strategies, and advance tort reform initiatives.

Related Posts

New Claims Filed: Medical Monitoring Sought for Animals from Pet Food Co., Foie Gras Ban Challenged, Trade Secret Dispute over Beer Bottle Design, Challenge to “Guiltless” Alcohol Beverage Trademark

Appeals Court Affirms Dismissal of Libel Claim Against TV Station for D’Lites Report

Errington Cheese to Avoid Prosecution for Child’s Death

CSPI Alleges PepsiCo’s Naked Juices Mislead Consumers

© Shook, Hardy & Bacon L.L.P., all rights reserved.

About Us | Contact UsDisclaimer & Privacy Policy

×
Close