DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Seventh Circuit revives data breach lawsuit against P.F. Chang’s

Posted on April 15, 2016 by Dissent

Samantha Bomkamp reports that the Seventh Circuit has done it again when it comes to allowing data breach lawsuits to go forward:

A lawsuit over a 2014 data breach at P.F. Chang’s has been revived by an appeals court, which said two plaintiffs have shown enough evidence to pursue their claim.

Two Illinois men, John Lewert and Lucas Kosner, filed suit against the restaurant chain after dining at the P.F. Chang’s in Northbrook in April 2014, paying with their debit cards, according to the filing. Kosner claimed that four fraudulent charges were made on his debit card in June 2014. Lewert didn’t have any fraudulent charges, the lawsuit said. The two men initially filed separate lawsuits that were consolidated, but their suit was dismissed by a lower court.

 

Read more on Chicago Tribune.

You can read Judge Wood’s opinion here.  Relying on their previous opinion in Remijas v. Neiman Marcus to explain why the plaintiffs do have standing, the court writes:

In the present case, several of Lewert and Kosner’s alleged injuries fit within the categories we delineated in Remijas. They describe the same kind of future injuries as the Remijas plaintiffs did: the increased risk of fraudulent charges and identity theft they face because their data has already been stolen. These alleged injuries are concrete enough to support a lawsuit. P.F. Chang’s acknowledges that it experienced a data breach in June of 2014. It is plausible to infer a substantial risk of harm from the data breach, because a primary incentive for hackers is “sooner or later[] to make fraudulent charges or assume those consumers’ identities[.]” Id. at 693. Lewert is at risk for both fraudulent charges and identity theft. Kosner has already cancelled his debit card, but he is still at risk of identity theft. Other members of the would–be class will be in the same position as one or the other named plaintiff.

Similarly, Lewert and Kosner have alleged sufficient facts to support standing based on their present injuries. Kosner asserts that he already has experienced fraudulent charges. Even if those fraudulent charges did not result in injury to his wallet (he stated that his bank stopped the charges before they went through), he has spent time and effort resolving them. He also took measures to mitigate his risk by purchasing credit monitoring for $106.89. Lewert alleged that he has spent time and effort monitoring both his card statements and his other financial information as a guard against fraudulent charges and identity theft.

No related posts.

Category: Business SectorU.S.

Post navigation

← IE: Personal details of almost 2,000 civil servants incorrectly ‘leaked’ – PSEU conference
VA physician leaves patient files in his car, and…. →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
  • Five youths arrested on suspicion of phishing
  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.