Data breaches are occurring at an alarming frequency. For instance, the University of Maryland estimates that there are approximately 2,244 hacker attacks per day. In the first half of 2019 alone, researchers believe that more than 4 billion records were exposed as a result of data breaches. Consumers’ financial information has never been more vulnerable.
Among recent data breach targets are popular convenience stores and food chains:
Wawa Data Breach: Popular convenience store and gas chain Wawa Inc. announced in December 2019 that it experienced a data breach as a result of malware installed on its payment card system. The breach lasted approximately nine months, from March 2019 to December 2019, and could have affected all 850 Wawa locations across six states and Washington D.C. Data experts believe that the breach impacted 30 million records, all of which are currently available for sale on the dark web. A class action on behalf of both consumers and financial institutions is currently pending in the Eastern District of Pennsylvania. See In re Wawa Data Sec. Litig., Case No. 19-cv-06019 (GEKP) (E.D. Pa.).
Rutter’s Data Breach: Another popular convenience store and gas chain Rutter’s announced in February that it was impacted by a data breach through the use of malware installed on its payment card system used inside stores and on fuel pumps. Rutter’s operates seventy-two locations in Pennsylvania, West Virginia, and Maryland. The breach is estimated to have lasted from August 30, 2018 through May 29, 2019. A class action on behalf of consumers is currently pending in the Middle District of Pennsylvania. See In re Rutter’s Inc. Data Sec. Breach Litig., Case No. 20-cv-00382 (M.D. Pa.).
Primo Hoagies: Beloved sandwich shop Primo Hoagies announced a data breach in April of this year. Primo Hoagies operates 95 locations across seven states: Pennsylvania, Delaware, New Jersey, Maryland, South Carolina, Florida and Virginia. The data breach is estimated to have lasted from July 2019 through February 2020, and affected credit card information routed through Primo Hoagie’s online payment platform. A class action on behalf of consumers is currently pending in the District of New Jersey. See Hozza v. PrimoHoagies Franchising, Inc., Case No. 20-cv-04966 (D. N.J.)
Despite the alarming rise of data breaches, leading data security software provider Varonis estimates that approximately sixty-four percent of consumers fail to check whether they are impacted by a data breach. Perhaps more significantly, Varonis’ research shows that fifty percent of Americans are unaware what steps to take if they are a victim of a data breach.
Consumers can take several steps to protect their financial information, most of which are relatively easy to implement. For example, proactively reviewing credit and debit card statements for irregularities is a good way to defend against fraud. Consumers should be sure to check even for small discrepancies, as cyber criminals will often place fraudulent charges in small increments to check the validity of the stolen data while avoiding detection.
If you believe you were the victim of a data breach, change your debit and credit card number immediately and invest in credit monitoring to detect any future fraud. Additionally, take advantage of your ability to check your credit report for free once per year. If there are fraudulent charges on your account, immediately contact your bank or credit card company to put a freeze on your account and dispute the charges. If your account has fraudulent charges as a result of a data breach and you have not been reimbursed, or if you have any questions about whether you were affected by a data breach, it may be helpful to reach out to a data breach attorney to guide you through additional options.
Amanda Fiorilla is an Associate in Lowey Dannenberg’s New York office. She represents consumers and financial institutions in data breach cases. She can be reached at afiorilla@lowey.com or 914-733-7266