BANGOR – A Bangor attorney appears to have filed the first lawsuit in the nation over the recent security breach of Hannaford Bros. Co’s computer network that allowed hackers to obtain credit and debit card numbers of more than 4 million customers.
Samuel W. Lanham Jr. filed the class action lawsuit Tuesday night in U.S. District Court in Bangor on behalf of Melinda J. Ryan of Bangor and unnamed others.
Although the lawsuit does not seek specific damages, the complaint states that “the matter in controversy exceeds $5 million.”
Ryan has not been the victim of credit card fraud, Lanham said Wednesday, or had purchases that she did not authorize charged to her debit or charge cards as a result of the breach. The lawsuit is seeking compensation for the breach itself, he said.
More than 4 million customer accounts at grocery stores in the Northeast and Florida were exposed to fraud, even though the company meets the latest standards for data security, a company spokeswoman said Tuesday.
Hannaford doesn’t yet know how the breach – which began Dec. 7 and ended March 10 – occurred, Carol Eleazer, vice president of marketing for Hannaford, based in Scarborough, told the Associated Press earlier this week.
About 4.2 million credit and debit card numbers were exposed and at least 1,800 stolen during the seconds it takes for that information to travel to credit card companies for approval after customers swiped their cards in checkout-line machines, Eleazer said.
That means there are 4.2 million potential class members or plaintiffs who could join Ryan in the lawsuit, according to Lanham.
The Bangor attorney, who recently has specialized in class action lawsuits, said he expects similar lawsuits to be filed in Maine and other states.
Indeed, the law firm of Berger & Montague of Philadelphia sent out a press release Wednesday afternoon announcing that it had filed a lawsuit in U.S. District Court in Portland on behalf of all consumers in the United States whose credit card or debit card data was stolen from the Hannaford computer network. That lawsuit was not available Wednesday night on the court system’s Electronic Case Filing system.
Similar lawsuits filed in different states often are consolidated and assigned to one judge.
Lanham’s lawsuit, which was available Wednesday on the ECF system, is seeking a jury trial along with actual and-or compensatory damages and legal fees. The lawsuit also asks the court to:
. Find Hannaford was negligent in protecting private personal and financial information stored on its computer systems.
. Find that the company breached its contract to safeguard and protect that information.
. Order Hannaford to pay to monitor financial accounts of those whose information was obtained through the breach.
. Enjoin the firm from action that places consumers at risk of future security breaches.
The Philadelphia law firm of Berger & Montague is handling a similar case in U.S. District Court in Boston over a security breach last year of TJ Maxx’s system.
The settlement proposed but not yet approved by a federal judge in that case could provide a precedent for how similar lawsuits over security breaches such as the one at Hannaford’s could be resolved.
The proposed TJ Maxx settlement calls for the 445,000 people identified as plaintiffs in the class action lawsuit to be reimbursed for the expense of replacing drivers’ licenses; receive $30 vouchers or $15 in cash; be reimbursed for identity theft claims; and receive three years of credit insurance.
It also calls for the company to beef up its security system and hold an “unprecedented, extended-hours, one-day 15 percent-off sale.”
There is no date by which the judge must issue a decision about the proposed settlement.
Comments
comments for this post are closed