Jimmy John’s, in the wake of every other retailer that has suffered a data breach, became the newest defendant in a class action lawsuit seeking recovery for inadequate security measures in protecting customer credit and debit card data.
The Complaint alleges that Jimmy John’s had grossly inadequate information systems and network security oversight that led to the theft of customer credit and debit cards of individuals in 43 states by third-party criminals. The Complaint further asserts that despite its alleged awareness of the security intrusion and data theft on July 30, 2014, Jimmy John’s did not disclose the data breach until September 24, 2014.
The allegations are similar to those set forth in the Complaints against other major retailers. We will continue to watch these cases closely as they proceed through litigation.