Newsroom

December 16, 2014

P.F. Chang's class actions dismissed

A U.S. district judge dismissed two class action suits filed against restaurant chain P.F. Chang's in the wake of its data security breach that affected as many as 7 million cards.

The suits claimed that Chang's did not "take timely measures to protect their financial information," noting the chain waited nine months to tell consumers about the breach, according to Courthouse News Service. The judge, however, said the breach did not result in any actual injury and that "the cost of the food they purchased" did not "implicitly" guarantee the protection of personal data as plaintiffs had argued.

The judge also said that because the breach resulted in attempted but not successful fraudulent charges on plaintiffs' cards, there was no real injury.

Soon after the credit-card breach was announced in June, Krebsonsecurity.com reported that the breach dated back to September 2013.

NAFCU was the first financial trade organization to call for national data security standards for retailers in the wake of the massive Target data breach last year, and continues to push for legislative action. Credit unions are already subject to standards under the Gramm-Leach-Bliley Act. NAFCU has also pushed for a bipartisan-bicameral working group in Congress to develop a legislative response to the continuing series of retailer data security breaches.