Data Breach

Week Adjourned: 5.6.16 – Wendy’s Data Breach, Honeywell, More Talc Powder

Top Class Action Lawsuits

Drive Around to the First Window and… It’s been a while since we’ve reported a data breach class action. This week, one such lawsuit was filed against Ohio-based Wendy’s by First Choice Federal Credit Union, alleging a five-month long data breach could have been prevented if the company had acted faster.

From October 22, 2015 through to March 10, 2016, hackers accessed Wendy’s computer systems and stole what could be millions of consumer credit cards that had been used at certain Wendy’s locations. So someone besides was making change on your burger and fries. And let’s not get started on the issue of inconvenience!

“As a result of Wendy’s data breach, plaintiff and class members have been forced to cancel and reissue payment cards, change or close accounts, notify customers that their cards were compromised, investigate claims of fraudulent activity, refund fraudulent charges, increase fraudulent monitoring on potentially impacted accounts, and take other steps to protect themselves and their customers,” the Wendy’s data breach lawsuit claims.

Specifically, the plaintiffs claim that Wendy’s holds on to credit card information longer than necessary and failed to meet the October 2015 deadline for EMV cards and terminals.

“Despite the growing threat of computer system intrusion, Wendy’s systematically failed to comply with industry standards and protect payment card and customer data,” the lawsuit states, noting that as a consequence, financial institutions have borne the brunt of the data breach.

The complaint asserts that Wendy’s used outdated and easily hackable computer and credit card systems, and that the company failed to meet federal regulations and guidelines around computer and data security, stating that Wendy’s “refused to take steps to adequately protect its computer systems from intrusion.”

A Wendy’s spokesman has said that malware was discovered by third-party investigators, but the company has yet to confirm how many of its 6,000 stores had been hacked.

Honeywell Warranty Class Action Warranted… This is why you want your day in court: A proposed defective products class action brought by consumers against Honeywell International was given the green light this week, by a judge who just wasn’t buying the corporate line. US District Judge Berle M. Schiller of the Eastern District of Pennsylvania told the defendant, Honeywell International, that essentially they couldn’t make a case to have the suit tossed.

The Honeywell class action asserts that Honeywell TrueSTEAM humidifiers were defectively designed and inadequately covered by warranty. Feel the swamp waters rising? Yes, well, read on.

According to the complaint, the humidifiers are unreliable, difficult to maintain, and prone to malfunction and deterioration.

Judge Schiller wrote in his memorandum, “According to plaintiffs, Honeywell is aware of the problems with its humidifiers, but uses an ‘overly burdensome warranty claims process that is designed to, and does, deter customers from making claims under their warranties.” And, “Honeywell’s remedy to repair fails of its essential purpose because Honeywell simply replaces defective humidifiers with ‘the same defectively designed humidifiers that are prone to the problems complained of by plaintiffs and members of the classes.'” Thank you Judge Schiller.

The plaintiffs also allege they were told their defective units would not be serviced until technicians inspected them. They are seeking recovery for the related removal and repair costs, since they claim Honeywell promised that each unit would be free from defect, and if it wasn’t, the company would repair the unit. Oh yes, the fine print—but just wait…

“According to the amended complaint, however, that promise was false. Instead, plaintiffs were required to satisfy Honeywell, through an authorized technician and/or a contractor’s inspection, that the humidifier actually was defective,” Schiller wrote. “Thus, Honeywell placed an additional burden upon plaintiffs seeking to repair or replace their defective unit.”

The judge wrote that the plaintiffs have adequately alleged that the humidifiers were defective five years after the purchase date as the warranty promised, and that Honeywell failed to replace the units as it expressly warranted.

The plaintiffs asserted breach of express warranty, breach of implied warranty, unjust enrichment, and other claims.

I’ll bet those plaintiffs are happy campers this weekend.

Top Settlements

A Bittersweet Victory… This week, a $55 million settlement was leveled against Johnson & Johnson (J&J) by a jury hearing the case of a woman who alleges her use of the company’s talc-powder products for feminine hygiene caused her to develop ovarian cancer.

This is the second J&J talc powder verdict in a row against J&J in talc-cancer lawsuits J&J plans to appeal. The company is facing some 1200 such lawsuit all claiming the company failed to adequately warning consumers about its talc-based products’ cancer risks.

The trial took three weeks, and returned the verdict in favor of Gloria Ristesund in a day. She was awarded $5 million in compensatory damages and $50 million in punitive damages.

According to her suit, Ristesund used J&J’s talc-based powder products, which include the well-known Baby Powder and Shower to Shower Powder, on her genitals for decades. According to her lawyers, she was diagnosed with ovarian cancer and had to undergo a hysterectomy and related surgeries. Her cancer is now in remission.

The verdict in the first J&J talc-cancer lawsuit awarded $72 million to the family of a woman who died from ovarian cancer. She had also used the talc powder for feminine hygiene for years.

Ok, that’s a wrap folks…Have a good one. See you at the Bar!

Week Adjourned: 3.20.15 – Homejoy, Target, Drywall Pricing

Top Class Action Lawsuits

Uhh…Maybe not Everyone Deserves a Happy Home? You’d think with a name like ”Homejoy Inc”, there’d be a lot of joy to go around. Well, maybe for the customer and business owners, but maybe not so much for the workers. The company is facing two potential employment class action lawsuits, alleging the company is in violation of California labor laws.

The house-cleaning business allegedly fails to pay its workers minimum wage or overtime, denies workers legally mandated breaks and requires house cleaners to incur their own business-related expenses, among other infractions, according to one lawsuit. Specifically, the lawsuit claims Homejoy misclassifies its workers as “cleaning professionals”–as independent contractors–rather than employees.

Additionally, the lawsuits allege Homejoy workers must wear a shirt with the Homejoy logo on it while servicing homes and can be subject to “performance improvement plans” if their ratings are too low. The complaints further claim that “cleaners are an integral part of Homejoy’s business of providing cleaning services, among other services, to its customers.”

The plaintiffs are seeking damages in the amount of unpaid overtime compensation, unpaid minimum-wage compensation, unpaid reimbursed business expenses, one hour of additional pay for each workday completed without meal breaks and another hour of compensation for each work day without rest breaks” all with interest. The Private Attorneys General Act action seeks civil penalties and attorney fees. Go get’em!

Top Settlements

Heads up all Target Customers: A $10 million settlement has been reached in the Target data breach class action lawsuit. If approved, the settlement will resolve multidistrict litigation (MDL) resulting from one of the largest data breaches to date, affecting as many as 110 million Target customers.

The data breach occurred late in 2013—one of many data breaches we’ve been reporting on recently—and compromised customers’ personal information including bank and debit card information. The settlement motion requests certification of a nationwide class of an estimated 110 million consumers whose credit or debit card information or other personal information was compromised following the breach.

If you ever needed a reason to keep your paperwork—this would be it. Under the terms of the proposed settlement, affected Target customers who can document their losses will be eligible for up to $10,000 in damages. For those who cannot produce documentation, a payment will be made from the remainder of the settlement fund, once outstanding costs are deducted. The remaining balance will be divided equally.

Additionally, the agreement stipulates that Target makes a greater effort to safeguard its customer data, which would include appointing a high-level executive as chief information security officer and maintaining a written information security program, as well as a process to monitor for information security events and to respond to any such events determined to present a threat.

Well, the proof is in the doing… we can only wait and see.

Sheetrock Settlement. A $55 million settlement has been reached in an antitrust multi-district litigation (MDL) alleging price-fixing among companies that make gypsum board, commonly called drywall, sheetrock or plasterboard. While that might seem like a lot for drywall—it’s reportedly a $5 billion dollar a year industry in the US.

Preliminary approval was granted by US District Senior Judge Michael Maylson of the Eastern District of Pennsylvania. He has been overseeing the case since consolidation two years ago.

The defendant TIN has agreed to pay $5.25 million to settle claims from direct purchasers of drywall and $1.75 million to settle with indirect purchasers. Similarly, USG has agreed to pay $39.25 million to settle with the direct purchasers and $8.75 million to settle with indirect purchasers. The action isn’t quite over yet—as several defendants still need to settle.

Judge Baylson has also certified several classes of plaintiffs for the explicit purpose of facilitating the settlement and without having any effect on the still-ongoing litigation.

According to the complaint, the defendants account for more than 99 percent of drywall sold in North America. They are USG, National Gypsum, CertainTeed, Georgia-Pacific, American Gypsum, Lafarge, Temple-Inland (TIN) and PABCO. Well, if it wasn’t price-fixing it was certainly one hell of a coincidence.

Hokee Dokee—That’s a wrap folks…Time to adjourn for the week. See you at the bar!

Week Adjourned: 3.7.14 – TD Bank, Tech Workers, Data Breach Settlement

The week’s top class action lawsuits and settlements…top stories include TD Bank, Apple, Adobe, Google, Intel and the AVMEd data breach settlement.

Top Class Action Lawsuits

TD Bank Teed Up for Another Overdraft Fee Lawsuit? If at first you don’t succeed—is that the mantra here? TD Bank got hit with a consumer banking class action lawsuit this week alleging the financial institution continues to manipulate the order of debit card transactions so that it can profit through the maximization of overdraft fees. The lawsuit comes less than a year after the bank paid $62 million to settle a multidistrict litigation alleging the same practice. I’m sad to say I’m not surprised by these allegations.

Filed in Pennsylvania federal court by lead plaintiffs Sheila and Emilio Padilla, the complaint specifically alleges that TD Bank has continued to use a software scheme to illegally collect overdraft fees, and that it assessed the fees even when customers have sufficient funds in their account to cover the debit card payments.

“Defendant employs sophisticated software to automate its overdraft systems,” the complaint states. “These programs maximize the number of overdrafts, and thus the amount of overdraft fees charged per customer.”

The TD Bank class action complaint further states, “Many of the complained of practices continued as before, even after the class action settlement. Shockingly, unlike nearly all other banks sued in the multidistrict litigation, … TD has continued these practices even after it settled claims of wrongdoing based on these very same practices.”

The class action seeks to represent all TD Bank customers who opened a new account after the settlement class period ended on August 15, 2010, and who were charged improper overdraft fees. The class also seeks to represent those customers that had an account prior to August 2010 but were not charged overdraft fees until after that time.

Hi ho, Hi ho, it’s back to court they go!

Pays to Know Who’s in your Network? Well, maybe that’s what Adobe, Apple, Google and Intel thought—they’re facing a potential employment and salary fixing class action lawsuit over allegations they conspired to hire engineers from each other’s employee pools and knowingly shared salary data to establish pay ceilings. Nice.

Filed in California, the engineer and programmer class action lawsuit allegedly follows on from a 2012 investigation by the US Department of Justice which found that these practices were also evident at Lucasfilms, Pixar and Intuit. According to a report by the New York Times, the DOJ’s report suggests as many as 64,000 engineers and programmers were involved, which means the class action lawsuit could see billions in damages, if successful.

Rumor has it the sainted Steve Jobs was involved in cooking this one up. One to watch for sure.

Top Settlements

Finally—a Data Breach Class Action Settlement! And a finalized one at that. That’s right, final approval of a $3 million settlement has just been granted, ending the long-running AVMed data breach class action. Cast your mind back to 2009, when health insurance provider AvMed got hit with what was to become one of the first in a string of data breach lawsuits. This one alleged that sensitive data from 1.2 million customer records had been breached from unencrypted laptops. “Sensitive”? I think we’re talking health records, FYI.

Among the settlement terms is the stipulation that AvMed implement increased data security measures including mandatory security awareness training and encryption protocols on company laptops.

The $3 million settlement fund is set aside for plaintiffs to make claims for $10 for every year that they purchased insurance from AvMed, with a $30 cap: class members who experienced identity theft are reportedly eligible to make additional claims to recover their monetary losses.

Reportedly, this is the first settlement of a data breach lawsuit that provides compensation to plaintiffs who did not experience identity theft.

Ok Folks, That’s all for this week. See you at the bar!