Consolidation of Suits over Alleged Data Breach of Wendy’s Shareholders

On March 30, 2018, the Honorable Timothy S. Black of the U.S. District Court for the Southern District of Ohio consolidated two filed class actions against Wendy’s brought by shareholders, Thomas Caracci and James Graham (“Graham”), accusing the fast-food chain’s top executives and board of directors of making poor security decisions that led to a 2016 data breach.

The data breach was initially disclosed by Wendy’s in January 2016. Wendy’s did not offer an estimate of the scope of the breach until May 2016, at which time it estimated that approximately 300 of its U.S. fast-food franchises were affected. That estimate was increased to 1,025 affected franchises in July of that year.

A derivative action was filed in December 2016 on behalf of Graham, alleging that select company leaders, including Nelson Peltz (Trian Fund Management LP CEO), had made a number of poor security decisions, such as “requiring all franchisees to implement a flawed point-of-sale system, failing to implement or enforce any effective internal data security procedures and not properly reporting the scope and impact of the breach.”

A motion to dismiss was filed in March 2017 on behalf of the board and executives of Wendy’s, claiming that Graham’s complaint was nothing more than speculation as he had failed, according to the motion, to include any specific allegations that proved Wendy’s actions of gross negligence or reckless disregard of its duties or that it consciously failed to monitor its data security protocols and disregarded known vulnerabilities.

Judge Black has opted to hold off appointing lead counsel for the plaintiffs in response to Graham’s request that he be permitted to continue settlement discussions with defendants before appointing lead counsel. The defendants’ motion to dismiss was denied as moot, given that an amended complaint may need to be filed once lead counsel is appointed, the order said.

The legal team at Shepherd, Finkelman, Miller & Shah (“SFMS”) has significant experience litigating securities class action matters. If you have any questions regarding this subject or this posting, please contact Nick Lussier ( or Chiharu Sekino ( We can also be reached toll-free at (866) 540-5505.

SFMS is a law firm with offices in California, Connecticut, Florida, New Jersey, New York, and Pennsylvania. SFMS is an active member of Integrated Advisory Group (, which provides us with the ability to provide our clients with access to excellent legal and accounting resources throughout the globe. For more information about our firm, please visit us at


Morris, Sophia. “Wendy’s Shareholders’ Data Breach Suits Consolidated”. Law360. Last Modified on April 2, 2018.