Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Michaels could face class action suit over data breach

Ramundo’s suit seeks class-action status, a jury trial, compensatory damages, and consequential and statutory damages, according to a report by BankInfo Security. The suit also demands that Michaels pay for card fraud monitoring services for consumers affected by the breach.

Earlier this month, Michaels Stores said that customer debit and credit card numbers and PINs had been stolen through PIN-pad tampering at its stores nationwide. The company disabled and quarantined suspicious PIN pads and removed around 7,200 of them from its stores.

In the suit filed in US District Court in Chicago, Ramundo charges that Michaels violated federal and state law by failing to take reasonable steps to safeguard its customers' personal financial data, including credit and debit card numbers and PINs.

“In essence, Michaels' security failure enabled cyber-pickpockets to steal customer financial data from within the retailer's stores and subsequently loot the customers' bank accounts from remote [ATMs],” the suit alleges, as quoted by ConsumerAffairs.com.

Ramundo said she used her Fifth Third Bank debit card to buy $19.35 worth of merchandise from a Michaels store on April 18. On May 3, her card was rejected when she tried to use it at a Costco store, according to the ConsumerAffairs.com report.

Ramundo telephoned the bank and was told that the card had been suspended because of “suspicious activity,” specifically three withdrawals totaling $1,300 from the account to which the card was linked. She contacted the police and learned that numerous other Michaels customers had filed similar complaints, the report said.

The class action seeks to represent all US residents who made an in-store purchase at Michaels and used a debit or credit card that was swiped through a PIN pad.

What’s Hot on Infosecurity Magazine?