Airport Vendor Faces Lawsuit over Data Breach

Robert LilesCybersecurityLeave a Comment

On any given day, airport terminals are filled with tourists ambling through corridors alongside busy business travelers; some people find themselves with ample time to kill, whereas others are in a full sprint to make tight connections. Even though the COVID pandemic heavily reduced air travel, millions of passengers still transited through US airports in the last year.

Airports may not be the most exciting places to spend time, but most of them include a variety of services to mitigate boredom, satiate hunger, unwind between flights, and even lighten the wallet. As with any other year, passengers freely spent money in airport stores and restaurants.

One prolific airport store operator who undoubtedly benefited financially from an uptick in travellers now stands to pay a potentially high price. Paradies Shops suffered a data breach late last year that they failed to announce. Now they face a class action lawsuit for failing to inform customers whose data might have been compromised.

Delayed Status

Founded in the Atlanta Airport, Paradies Lagardère, or Paradies Shops, has expanded to other airports and hotels across the United States and Canada. From LAX to JFK, it is likely even an incidental traveler has passed by a Paradies-owned shop. These shops specialize in travel essentials, dining, duty free, and specialty retail and operate in more than one hundred airports.

However, in October 2020 the travel chain was hit with a data breach. The breach compromised the information of more than 76,000 employees, both present and former. The ransomware group REvil was behind the attack and accessed names and Social Security numbers. These incidents are common, and many companies have had to create response tactics to address them as they happen.

What sets the Paradies Shops case apart from others that face these breaches is that while the incident happened in October 2020, the company did not notify affected individuals until the end of June 2021. This in turn left those affected by it at a greater risk of identity theft.

What followed is a class action suit filed by Morgan & Morgan—Ramirez v. the Paradies Shops. This case filed in the US District Court for the Northern District of Georgia now makes Paradies Shops vulnerable to a class action suit in addition to any costs incurred from the breach itself and any data security solutions set up after the breach.

Cleared for Take-off

A thorough, sound data security solution could have helped Paradies Shops to avoid a breach. However, their refusal to acknowledge the breach and respond in a timely manner only exacerbated the situation.

SecureData products are designed to offer hardware-encrypted storage solutions that can safely back up data offline. They require user password authentication to unlock, and keep data safe. SecureDrive BT and SecureUSB BT unlock the drives through a free wireless app. Both can be further enhanced with Remote Management, which allows administrators control over devices from anywhere in the world.

If you have concerns about your data security and would like to discuss how to create a solution, contact one of our experts at 424-363-8535.