InterContinental Hotels Group PLC is facing a data breach class action lawsuit. The suit accuses the UK-based company of failing to provide customer data protection. This resulted in customer’s credit and debit card hack, which occurred in 2016. In fact, hackers succeeded in stealing private data over several months in 2016.
The lead plaintiff who filed the lawsuit against InterContinental Hotels in federal court of Georgia is David Orr. As a matter of fact, attorneys David J. Worley and James M. Evangelista of Evangelista Worley LLC, Ben Barnow, Erich P. Schork and Anthony L. Parkhill of Barnow and Associates PC, and Brian K. Herrington of Herrington Law PA are representing the plaintiff.
The hotel chain is alleged of breach of implied contract, as well as unjust enrichment and negligence. It’s worth noting that InterContinental Hotels is a hotel chain based in the UK that consists of 5000 hotels throughout the world. The plaintiff mentions in his complaint that the company didn’t take appropriate steps for preventing the installation process of malware on its payment system. In addition to that, the hotel chain wasn’t able to detect the security breach.
More details about Intercontinental Hotels class action lawsuit
The lead plaintiff noted in his complaint that the InterContinental Hotels Group has serious security failures. For this reason, hackers stole Orr’s private data and succeeded in making purchases fraudulently using his credit and debit cards. According to the lawsuit, such security failures put customers’ financial information at a serious risk. Orr adds that it is the result of the hotel chain’s negligent conduct.
According to the lawsuit, on October 14 and 15 Orr stayed at one of the hotels of the company in Biloxi, Mississippi. Thus, the plaintiff used his debit card to make the necessary payments for his stay. However, because of the company’s improper security his private financial information was exposed. It was on February 3, when the hotel chain declared that 12 of its locations faced hack attack. Furthermore, in April the company informed that the number of such locations increased to 1000. So, all the affected consumers got data breach notification letters.
InterContinental pointed out that the security breach didn’t impact the properties that used its encrypted secure payment solution before September 29.
The lawsuit is seeking to represent a Class of those people who used their credit or debit cards at a hotel between September 29 and December 29, 2016. It also refers to anyone who got a data breach notification letter from the hotel chain.
The plaintiff is seeking an award of actual and punitive damages, as well as attorney’s fees, pre- and post-judgment interest and litigation expenses.