Sonic
| Basic information | |
|---|---|
| Founded | 1953-06-18 |
| Legal Structure | Subsidiary |
| Industry | Food |
| Also known as | |
| Official website | http://sonicdrivein.com/ |
Sonic Corporation is (you guessed it) also a company =)
Consumer-impact summary
Incidents
This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the Sonic category.
Malware attack (2017)
- Main article: link to the main CR Wiki article
On September 16, KrebonSecurity disclosed that Sonic suffered a data breach on its Point of sales systems, exposing an estimate 5 millions of customers financial information are being sold on a website called Joker’s Stash.[1] A few days later, the blog got traction on social media, with major new outlets covering the leak.[2] The company issued a public response on its website on October 4, acknowledging the breach and offering affected customers 24 months fraud protection until December 24, 2017.[3]
The company faced 12 lawsuits from customers because of this incident, alleging the company's failure to implement up to date security practices and disclosing the incidents to customers.[4][5][6][7][8] On October 2018, a $4.3 million settlement was reached.[9] In May 2022, a $5.4 settlement was reached, requiring sonic pay $3 million to reimburse financial institutions, and $1 or $1.50 for each payment card reissued or involved.[10]
Sonic Spam Messages
2020 Lawsuit
2023 Lawsuit
https://www.classaction.org/news/class-action-alleges-sonic-drive-in-sent-illegal-spam-texts 2023
Products
See also
References
- ↑ "Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards". KrebsOnSecurity. 26 September 2017. Archived from the original on 11 February 2018. Retrieved 16 March 2026.
- ↑ "Data breach at Sonic restaurants could affect millions of customers". Youtube. 28 September 2017. Retrieved 16 March 2026.
{{cite web}}: CS1 maint: url-status (link) - ↑ "SONIC Drive-In: Notice of Payment Card Breach". Sonic Drive In. 4 October 2017. Archived from the original on 15 October 2017. Retrieved 16 March 2026.
- ↑ "IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF OHIO EASTERN DIVISION AT CLEVELAND" (PDF). ohnd.uscourts.gov. 12 February 2018. Archived (PDF) from the original on 20 October 2020. Retrieved 16 March 2026.
- ↑ Rizzi, Corrado (29 September 2017). "Sonic Hit with Class Action Almost Immediately After Data Breach Announcement". ClassAction. Retrieved 16 March 2026.
{{cite web}}: CS1 maint: url-status (link) - ↑ Shaak, Erin (15 November 2017). "Sonic Facing Another Class Action in the Wake of Data Breach". ClassAction. Retrieved 16 March 2026.
{{cite web}}: CS1 maint: url-status (link) - ↑ Shaak, Erin (5 October 2017). "Sonic Corp. Facing Third Lawsuit Over Recent Data Breach". ClassAction. Retrieved 16 March 2026.
{{cite web}}: CS1 maint: url-status (link) - ↑ Shaak, Erin (19 December 2017). "Sonic Data Breach Sparks Another Class Action". ClassAction. Retrieved 16 March 2026.
{{cite web}}: CS1 maint: url-status (link) - ↑ Spicer, Christina (15 October 2018). "$4.3M Sonic Data Breach Class Action Settlement Reached". Top Class Action. Retrieved 16 March 2026.
{{cite web}}: CS1 maint: url-status (link) - ↑ Heisig, Eric (7 October 2022). "Judge Signals Approval For Sonic's Data Breach Settlement" (PDF). Law360. Retrieved 16 March 2026.
{{cite web}}: line feed character in|title=at position 47 (help)CS1 maint: url-status (link)