January 22, 2022

Volume XII, Number 22

Advertisement
Advertisement

January 21, 2022

Subscribe to Latest Legal News and Analysis

January 20, 2022

Subscribe to Latest Legal News and Analysis

January 19, 2022

Subscribe to Latest Legal News and Analysis

Credit Card Hack Could Cost $80 Million in Illinois

A massive credit card breach at a Missouri-based grocery store chain could end up cost $80 million in Illinois alone, according to a court motion filed last week. So far, at least three lawsuits seeking class action status have been filed against Schnucks Markets, Inc., alleging a breach that has affected 2.4 million cards used at 79 stores between early December and late March.

As the St. Louis Dispatch reports:

The suits allege that Schnucks knew about the breach days, perhaps longer, before it revealed the hack, and should have told customers about it sooner. The suit filed in Illinois on April 25 says the breach cost customers time and money, requiring card holders to spend hours canceling and getting replacement cards, and re-setting automatic payments.

In its motion, filed Friday, Schnucks puts a figure on this effort, saying that an estimated 1.6 million card transactions took places at its 23 Illinois stores during the breach period, representing 500,000 unique cards — about one-fifth of the cards compromised in the breach overall.

Plaintiffs argue that state law in Missouri and Illinois says that any store that stores personal data relating to customers must notify those customers as soon as the store becomes aware of a breach. Schnucks, however, says that the data stolen from customer credit cards included card numbers and expiration dates, not names, meaning they were not required to notify victims. It can be said that this looks bad on Schnucks — customer service-wise and reputation-wise.

The case is likely to head to the U.S. District Court for the Southern District of Illinois.

 Relatively speaking, $80 million is nothing compared to, say, the Heartland Payments Systems security breach of 2008, which resulted in the theft of information from more than 100 million credit and debit cards and a 20-year prison sentence for the perpetrator. But even that doesn’t compare to this list of the top five most expensive data breaches.

Risk Management Magazine and Risk Management Monitor. Copyright 2022 Risk and Insurance Management Society, Inc. All rights reserved.National Law Review, Volume III, Number 146
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Editor

Emily Holbrook is the editor of Risk Management magazine and the Risk Management Monitor blog.

212-655-5915
Advertisement
Advertisement
Advertisement