Garden of Life LLC, a provider of vitamins and supplements, is facing three class-action lawsuits stemming from a data breach that exposed customers’ payment card information. The lawsuits, filed in Florida federal court, allege negligence and inadequate data security measures by the company.
Garden of Life Data breach Exposed Names, Addresses, Payment Card Info
The Garden of Life breach, discovered on December 18, 2024, involved unauthorized access to the company’s website’s payment processing software. This access occurred as early as July 2024, according to the complaints.
The compromised data included sensitive information such as names, addresses, email addresses, credit and debit card numbers, expiration dates, and CVV numbers. The plaintiffs argue that Garden of Life did not adequately protect customer data, leading to significant financial and privacy risks.
Garden of Life LawSuit
The lawsuits highlight different aspects of the company’s alleged failures. One lawsuit focuses on data security failures and privacy violations. Another criticizes the company’s six-month delay in notifying customers of the breach, increasing the risk of identity theft and financial harm.
Plaintiffs from Florida, North Carolina, and California are seeking class certification, damages, fees, costs, and a jury trial. The legal claims include negligence, negligence per se, unjust enrichment, breach of implied contract, and breach of confidence.
The breach highlights the ongoing challenges companies face in securing sensitive customer information in the digital age. The outcome of these lawsuits will have significant implications for Garden of Life and could set a precedent for other businesses regarding data security responsibilities.