Skip to content Skip to navigation

Sonic Corporation Exposure of Personal Information Data Breach Class Action

Sonic Drive-In Sign

Sonic, the largest chain of drive-ins in the US, has become the latest popular company to experience a data breach and expose the information of countless customers’ personally identifying information (PII). The complaint for this class action alleges that Sonic failed to take adequate measures to protect its data systems, failed to stop the breach from happening, failed to monitor and detect the breach on a timely basis, and failed to inform customers promptly. It claims that Sonic is guilty of negligence as well as breaches of Florida and New Jersey state laws.

The Nationwide Class for this action is all persons living in the US whose PII was acquired by unauthorized persons during the data breach announced by Sonic in 2017. As an alternative, the complaint proposes two statewide classes under state laws for Florida and New Jersey.

The complaint claims that breaches of other restaurant chains, such as Wendy’s, should have alerted Sonic to the potential for hacking and the need for precautions, but that Sonic continued to use a payment system that was more than thirty years old. The complaint acknowledges that some locations had been updated, but others had not.

The complaint alleges that Sonic customers have suffered the following damages and potential damages:

  • Unauthorized use of their PII
  • Theft of personal and financial information
  • Costs for detecting and preventing identity theft and use of their financial accounts
  • Damages arising from the use of their PII
  • Loss of use of account funds and costs associated with limitations in access to funds, such as missed payments, late fees, and adverse effects on their credit such as decreased credit scores
  • Time and money spent dealing with current and future consequences of the data breach, including detection of fraudulent charges, purchasing identity protection services, as well as stress, nuisance, and annoyance 
  • Impending injury from fraud and identity theft, including from future sales of their information on the criminal black market
  • Loss of privacy

In more concrete terms, the complaint says, the damages to consumers can include things such as the cloning of their credit or ATM cards, the use of their health insurance policies, and the obtaining of loans under their names. Surveillance of accounts for fraudulent charges, withdrawals, and other uses will need to go on for years.

In addition, the complaint points out that Sonic continues to hold the PII and card information of its customers and must take precautions against future data breaches.

Article Type: 

Free Case Evaluation

Fill out the information for a FREE and prompt case evaluation.

About you

Additional Information

Latest Tweets

Join Us on Facebook