An Oregon credit union filed a class action suit Tuesday against Noodles & Company for a data security breach that has affected 322 locations of the fast-food restaurant chain.
The suit, filed by SELCO Community CU, Eugene, Ore., seeks class action status for all U.S. financial institutions whose customers made purchases at Noodles since Jan. 1, according to documents filed with the U.S. District Court of Colorado.
Noodles is headquartered in Broomfield, Colo., and in June acknowledged a compromise of customers’ debit and credit card payment information.
SELCO Community cited initial and continued costs:
The filing includes that Noodles failed to “employ reasonable measures to secure its customers’ personal and financial information.”
Credit unions can e-mail DataBreachLawsuit@cuna.coop for more information about the suit or if they have losses resulting from the Noodles’ breach.
In June, CUNA joined a class action lawsuit against fast-food restaurant Wendy’s as the national trade association representing credit unions.
Consumers’ payment information has been compromised at a number of national retailers, restaurants and hotel chains. CUNA research found that credit unions incurred costs—not including actual fraud—of more than $88 million due to just two data breaches: Target in 2013 and Home Depot in 2014.
CUNA continues to press for data security legislation with more stringent security standards for merchants. The Data Security Act of 2015 (H.R. 2205) includes a call for a single data security standard for all entities that handle sensitive consumer information and a data breach notification standard