This week, a proposed data breach class action against Dickey’s Barbecue Restaurants Inc.  was settled for $2.35 million in the U.S. District Court for the Northern District of Texas with approval of the settlement terms by Judge Ed Kinkeade. Dickey’s is a Dallas-based restaurant chain that allegedly failed to implement appropriate security measures to protect consumer personal information from a breach, and allegedly violated the California Consumer Privacy Act (CCPA) as well, according to plaintiffs’ complaints.

Plaintiff Demi Kostka filed the suit against Dickey’s in November 2020, alleging that the restaurant chain failed to implement adequate data security measures to protect and secure consumers’ credit card information which resulted in a breach of their data.  The suit was later consolidated with similar cases alleging violations of the CCPA and the California Unfair Competition Law.

Eligible California class members will receive about $100 and non-California class members will receive about $50. In addition to the monetary award, the settlement provides reimbursement for class members who suffered certain losses as a result of the security incident; class members may also opt to receive free credit monitoring services.

Photo of Kathryn Rattigan Kathryn Rattigan

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy and Security Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and…

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy and Security Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.