Card Information for Three Million Dickey’s Barbecue Pit Customers For Sale: Report

Major Data Breach Compromises Patrons Financial Accounts

Patrons of Dickey’s Barbeque Pit should pay close attention to their financial accounts in the wake of a major POS data breach at the world’s largest BBQ chain.

According to security researchers at Gemini Advisory, three million debit and credit cards were stolen from customers nationwide and around the world between July 2019 and August 2020.

Hackers seized credit and debit card information from 156 of the eatery’s 469 locations across 30 states with the highest exposure in California and Arizona. Gemini reports that customer data was compromised using outdated in-store Point of Sale (POS) systems that still use magstripe technology – long known to be prone to malware attacks. Given the widespread nature of the breach, the exposure may be linked to a breach at the single central processor, which was leveraged by over a quarter of all Dickey’s locations.

Compromised Cards For Sale On The Dark Web

According to Gemini’s report, the Joker’s Stash dark web marketplace has uploaded this latest breach titled “BLAZING SUN,” on October 12th. Cards are selling for an average of $17 each and are advertised as having rates between 90 and 100 percent. This high rate indicates that Dickey’s BBQ was unaware of the compromise and customers were never notified to take precautions.

Did you use a credit or debit card at a Dickey’s Barbecue Pit restaurant between July 2019 and August 2020?

The consumer protection lawyers at Emerson Firm, PLLC are now reviewing damages arising from 3 million Dickey’s Barbecue Pit customers whose credit and debit cards were hacked and information made available for sale on the dark web.

A lawsuit was filed on Nov. 9 in US District Court – Southern District of California against the restaurant chain alleging violations of the California Consumer Privacy Act (CCPA), Unfair Competition laws and negligence. According to the filing, the plaintiffs allege the data breach would have continued without Dickey’s detection had cyber security firms not issued public reports that the hacked information was available for sale on the dark web. The lawsuit further alleges that that even upon learning of the data breach, Dickey’s failed to notify customers whose card and personal identifying information were stolen and sold citing –

“We are taking this incident very seriously and an investigation is ongoing. We are currently focused on determining the locations affected and time frames involved. Dickey’s does not otherwise comment on pending litigation.”

I patronized Dickey’s during this time frame and used a card, what should I do?

If you used a credit or debit card at any of Dickey’s restaurants during the July 2019 to August 2020 time frame, you should immediately notify your financial institution and take prophylactic measures to secure your financial accounts.

We would also like to speak with you. Free consultations and claim evaluations are provided by our consumer protection lawyers to help determine whether financial compensation may be available to you.

If you would like to find out more, please fill out the form below and we will be in touch or call us at +1 (800) 551-8649.






    Emerson Firm Announces Ongoing Investigation For the U.S. Bancorp and U.S. Bank National Association Data Breach.

    Emerson Firm, PLLC (“Emerson”) announces that it is continuing its investigation regarding the data breach at U.S. Bancorp and U.S. Bank National Association (collectively “U.S. Bank”) on behalf of an unknown number of affected U.S. Bank customers whose personal information was compromised in the Data Breach revealed by U.S. Bank on September, 18, 2020.

    U.S. Bank recently notified the State of California Attorney General of a data breach affecting an unknown number of customers. On July 30, 2020, a computer server containing personally identifiable information was physically stolen from an undisclosed U.S. Bank corporate office. The breached data reportedly includes names and account numbers but may include additional sensitive information. Further details have not yet been released.  On September 18, U.S. Bank began notifying affected consumers of the data incident without explanation of the delay in notification.  On information and belief, the Data Breach was a direct result of U.S. Bank’s failure to implement adequate and reasonable cyber-security procedures and protocols necessary to protect customers’ personally identifiable information (“PII”).

    U.S. Bancorp is the parent company of U.S. Bank, one of the largest commercial banks in the nation. Founded in 1863, U.S. Bank annual revenues exceed $23 billion USD. Headquartered in Minneapolis, Minnesota, the bank employs more than 73,000.

    Houston-based law firm Emerson represents consumers throughout the nation.  Emerson and its predecessor firms have devoted their practice to complex commercial litigation for more than thirty-nine years and have recovered more than a billion dollars for consumers in class actions throughout the United States.

    If you are a person whose PII was compromised as a result of the Data Breach announced by U.S. Bank on September 18, 2020 then please contact us immediately to protect your rights.  It makes no difference what state you reside in.

    IMPORTANT: Send your inquiry with your complete contact information including phone number and email address to plaintiffs’ counsel, Emerson Firm, PLLC via e-mail to John G. Emerson (jemerson@emersonfirm.com) or complete the below form and we will promptly get back to you to discuss your situation.