Consumers alleged the drive-in burger chain failed to take adequate security measures to prevent a third-party cyberattack on its payment system at 325 locations.
The settlement covers U.S. residents who made a debit or credit card purchase at one of the 325 affected Sonic locations between April 7, 2017, and Oct. 28, 2017. Sonic estimated there are 1.5 million settlement class members, according to filings in the Northern District of Ohio.
Sonic agreed not ...