Wenco Management, LLC, a franchisee of the Wendy’s fast-food chain, faces a class action over a “highly foreseeable” data breach in late August 2022 that reportedly exposed thousands of employees’ personal information.
Wenco Management, LLC, a franchisee of the Wendy’s fast-food chain, faces a proposed class action over a “highly foreseeable” data breach in late August 2022 that reportedly exposed thousands of employees’ personal information.
The 18-page lawsuit claims that the cybersecurity measures taken by Wenco—the operator of Wendy’s restaurants in Michigan, Indiana and Ohio—were inadequate and allowed cybercriminals to gain access to its computer systems on August 21. The suit relays that the personally identifiable information (PII) compromised in the breach included employees’ names, Social Security numbers and health plan information.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
Wenco neglected to train its employees sufficiently in simple data security practices and failed to take basic precautions itself, directly resulting in the cyberattack, the case charges.
“Defendant’s use of outdated and insecure computer systems and software that are easy to hack, and their failure to maintain adequate security measures and an up-to-date technology security strategy, demonstrates a willful and conscious disregard for privacy, and has exposed the PII of Plaintiff and thousands of members of the proposed Class to unscrupulous operators, con artists, and outright criminals.”
Though Wenco asserts in the notice sent to victims that it is improving its security systems to protect against future cyberattacks, the company’s failure to take these steps in the first place amounts to sheer negligence, the complaint argues.
By storing employees’ personal and financial data in its systems, Wenco had a legal duty to safeguard it against unauthorized disclosure, the filing claims. Considering the valuable nature of the information in Wenco’s network, it was “highly foreseeable that a bad actor would attempt to access that data,” the lawsuit alleges.
Like other victims, the plaintiff, an Ohio resident and current employee of a Wenco-owned Wendy’s, received notice that his name and Social Security number were compromised in the breach, the suit relays. He and other affected employees, who had “no choice but to trust” Wenco to protect their information, now face a heightened risk of identity theft, fraud, and other illegal activities as a result of the cyberattack, the case contends.
The lawsuit looks to represent anyone whose personal information was compromised in the data breach that affected Wenco Management, LLC’s systems on or around August 21, 2022.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.
Camp Lejeune residents now have the opportunity to claim compensation for harm suffered from contaminated water.