United States District Court, D. Nevada
IN RE SONIC CORP. CUSTOMER DATA SECURITY BREACH LITIGATION
S. Vance Chair
the Panel: [*]
in two Western District of Oklahoma actions, listed on
Schedule A, move under 28 U.S.C. § 1407 to centralize
this litigation in the Western District of
Oklahoma. This litigation consists of five actions
pending in three districts, as listed on Schedule
Plaintiffs in the remaining Western District of Oklahoma
action and the District of Oregon action support the motion
or, alternatively, support centralization in the Northern
District of Ohio. Plaintiffs in the District of Nevada action
and the Northern District of Ohio potential tag-along action
support centralization in the Northern District of Ohio.
Defendant Sonic Corp. opposes centralization or,
alternatively, supports centralization in the Western
District of Oklahoma.
basis of the papers filed and the hearing session held, we
find that centralization under Section 1407 in the Northern
District of Ohio will serve the convenience of the parties
and witnesses and promote the just and efficient conduct of
this litigation. These actions-all of which are putative
nationwide class actions-share factual issues concerning an
incident in which Sonic's point-of-sale system was
breached, allowing computer hackers to gain access to up to 5
million individuals' personally identifiable information.
Centralization will eliminate duplicative discovery; prevent
inconsistent pretrial rulings on class certification and
other issues; and conserve the resources of the parties,
their counsel, and the judiciary.
opposing centralization, defendant argues, inter
alia, that (1) informal cooperation is preferable to
Section 1407 centralization, (2) unique facts and
circumstances predominate over common questions of fact, and
(3) the common factual issues are not sufficiently complex to
warrant centralization, particularly as the litigation
involves only one defendant. Section 1407 “does not
require a complete identity of common factual issues or
parties as a prerequisite to transfer, and the presence of .
. differing legal theories is not significant where, as here,
the actions still arise from a common factual core.”
In re: Auto Body Shop Antitrust Litig., 37 F.Supp.3d
1388, 1390 (J.P.M.L. 2014). The factual overlap among these
actions is substantial, as they all arise from the same data
breach, and all allege that Sonic failed to put in place
reasonable data protections. All actions allege similar
claims, including for negligence. The Panel previously has
centralized a similar number of data breach actions, even
those involving a lone defendant. See In re: Sprouts
Farmers Market, Inc., Employee Data Sec. Breach Litig.,
232 F.Supp.3d 1348 (J.P.M.L. 2016).
persuaded that the Northern District of Ohio-a
centrally-located and easily accessible location-is an
appropriate transferee forum for this litigation. All
responding plaintiffs support this district, in the first
instance or in the alternative. The Northern District of Ohio
potential tag-along action is assigned to Judge James S.
Gwin, an experienced transferee judge who we are confident
will steer these cases on a prudent course.
THEREFORE ORDERED that the actions listed on Schedule A are
transferred to the Northern District of Ohio, and, with the
consent of that court, assigned to the Honorable James S.
Gwin for coordinated or consolidated pretrial proceedings.
Marjorie O. Rendell R. David Proctor.
Charles R. Breyer Catherine D. Perry.
v. SONIC CORP., C.A. No. 2:17-02524
District of Oklahoma
ET AL. v. SONIC CORP., C.A. No. 5:17-01032 RAMIREZ v. SONIC
CORP., C.A. No. 5:17-01044 LEWIN, ET AL. ...