In the wake of the payments-related data breach at the Supervalu grocery chain, the company has been hit with a class-action lawsuit, Bank Info Security reported.
In the lawsuit, which was filed the same day the intrusion was announced, the plaintiffs claim Supervalu failed to abide by best practices and industry standards for payment-processing security, as well as failing to notify affected customers in a timely manner. The lawsuit also cites Supervalu’s statement that “approximately 40 million credit and debit card accounts may have been impacted.”
The lawsuit was filed in the U.S. District Court for the Southern District of Illinois in East St. Louis by four plaintiffs who shopped at the chain’s grocery stores and used their payment cards during the time of the breach. The complaint claims damages that include out-of-pocket expenses to mitigate identity theft and fraud risks, and says any fraud losses have not yet been determined.
Whether the quickly filed lawsuit will have any success is also up in the air. A data breach attorney told Bank Info Security that such consumer cases “are dead in the water.”
“To have a case, you have to have two things: Liability and damages,” the attorney said. “That’s hard to prove on the consumer side.” In most cases, consumers are protected from direct fraud losses by the policies of banks and payment-card brands.
The breach is believed to have affected 180 stores owned or franchised by Supervalu under banners including Cub, Farm Fresh, Shoppers, Shop ‘n Save and Hornbacher’s. The breach may also have affected 836 Albertsons, ACME Markets, Jewel-Osco, Shaw’s and Star Markets stores. Supervalu sold those stores in 2013 but still provides payment-card processing for them.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More