Eric Steinmetz, et al v. Brinker International, Inc., No. 21-13146 (11th Cir. 2023)
Annotate this Case
Brinker International, Inc. (“Brinker”), the owner of Chili’s restaurants, faced a cyber-attack in which customers’ credit and debit cards were compromised. Chili’s customers have brought a class action because their information was accessed (and in some cases used) and disseminated by cyber criminals. The district court certified the class, and Brinker appealed that decision. On appeal, Brinker mounted three arguments: 1) the District Court’s class certification order violates our precedent on Article III standing for class actions; 2) the district court improvidently granted certification because the class will eventually require individualized mini-trials on class members’ injuries; and 3) the district court erred by finding that a common damages methodology existed for the class.
The Eleventh Circuit vacated in part and remanded. The court explained that although all three plaintiffs adequately allege a concrete injury sufficient for Article III standing, two of the plaintiffs' allegations face a fatal causation issue. The court explained that while the district court’s interpretation of the class definitions surely meets the standing analysis, the court has outlined for one of the named plaintiffs, the court noted that the phrase in the class definitions “accessed by cybercriminals” is broader than the two delineated categories the district court gave, which were limited to cases of fraudulent charges or posting of credit card information on the dark web. Therefore, the court remanded this case to give the district court the opportunity to clarify its predominance finding.
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.