Bojangles accused of exposing employees’ personal data to cyber criminals

CHARLOTTE, N.C. — A group of former employees filed a lawsuit against Bojangles claiming the Charlotte-based restaurant chain failed to protect their personal and health information. 

Bojangles’ poor cybersecurity allowed hackers to steal sensitive information from thousands of current and former employees, the ex-employees said in a federal lawsuit on Thursday. 

Between Feb. 19, 2024, and March 12, 2024, cybercriminals broke into Bojangles’ computer systems and stole employees’ personal information. Names, addresses, Social Security numbers, driver’s license numbers, financial details and medical records were exposed to hackers, the lawsuit states.

Bojangles announced what it knew about the data breach in a December statement, nine months after the breach happened. 

“Our investigation and review were recently completed, and at this time, we believe personal and financial information affiliated with certain current and former employees was viewed and downloaded from the company’s systems by an unknown actor,” the statement said. 

The employees who filed the new lawsuit claim Bojangles’ failure to protect their data has caused them significant harm, including increased spam and scam phone calls, anxiety, stress and the risk of identity theft. 

They also claimed Bojangles waited too long to tell them about the data breach. 

In addition to financial compensation, the lawsuit calls for Bojangles to improve its cybersecurity measures to protect employees’ sensitive information. 

Customer data was not impacted by the breach, according to Bojangles.

As of now, Bojangles’ has not publicly commented on the lawsuit. 

For the latest breaking news, weather and traffic alerts that impact you from WCNC Charlotte, download the WCNC Charlotte mobile app and enable push notifications.