The lead plaintiff says in a complaint filed in federal court in Orlando that hackers used his debit card information to charge almost $600 worth of stuff after he’d used the card at a Wendy’s restaurant in early January, Courthouse News reports.
The customer claims Wendy’s failed to use adequate safety measures and didn’t notify customers quickly. He wants the court to certify a class of other Florida residents who also could’ve been defrauded after visiting Wendy’s.
“Wendy’s could have prevented this data breach,” the complaint states, adding the software was most likely a variant of the “BlackPOS” malware that affected other large companies last year. “While many retailers, banks and card companies responded to recent breaches by adopting technology that helps make transactions more secure, Wendy’s has acknowledged that it did not do so.”
Wendy’s should have known better, the complaint states, especially after several other high profile reports in the media of hackers stealing personal information, but instead, it kept payment information and customers’ personal information together.
The plaintiff is suing for negligence, breach of contract, and violation of Florida’s Unfair and Deceptive Trade Practices Act. He’s seeking damages, and for the court system to make sure improved security measures are put into place.
So far, Wendy’s has only acknowledged a pattern of “unusual credit card activity” regarding its customers, but hasn’t disclosed how many people could have been affected.
“Since this is a legal matter, we have no comment on the lawsuit,” spokesman Bob Bertini told Consumerist.
Class Claims Wendy’s Mishandled Their Data [Courthouse News]