[BreachExchange] Wendy's to pay $50M to settle lawsuit from data breach

[Destry Winant]

https://www.bizjournals.com/columbus/news/2019/02/14/wendys-to-pay-50m-to-settle-lawsuit-from-data.html

Wendy's Co. will pay $50 million to settle a class-action lawsuit from
a data breach that hit hundreds of its franchisees.

The Dublin-based company on Wednesday announced the pending agreement
with financial institutions, which had alleged Wendy's failed to
safeguard customer credit card information and failed to provide
notice that customer information had been compromised.

Wendy's said it will pay $27.5 million of the settlement costs, with
the rest covered by insurance.

The settlement would release Wendy's from all claims, as well as its
franchisees.

Wendy's in 2016 disclosed that a point-of-sale system used at several
hundred of its franchised restaurants had been compromised. It blamed
the data breach on malware installed through the use of “compromised
third-party vendor credentials.”

"We are encouraged by the progress made to resolve this case, and we
believe this settlement is in the best interests of Wendy's and its
shareholders," CEO Todd Penegor said in a statement. "With this
settlement, we have now reached agreements in principle to resolve all
of the outstanding legal matters related to these criminal
cyberattacks. We look forward to putting this behind us so that we can
continue to focus on growing the Wendy's brand."

The company last year reached a settlement with consumers who may have
been affected by that data breach.