In January 2023, Francesca’s, a women’s clothing retailer, suffered a data breach between January 12 and January 31, exposing sensitive customer and employee information—including Social Security numbers, driver’s license numbers, account details, and addresses. The breach led to a class action lawsuit, with plaintiffs alleging negligence in cybersecurity measures, claiming the company failed to implement adequate safeguards to prevent unauthorized access. The settlement allows affected individuals to claim up to $1,500 for ordinary losses (e.g., fraudulent transactions, identity theft mitigation) and up to $5,000 for extraordinary losses (e.g., severe financial harm or prolonged identity theft). Additional compensation includes $25/hour for up to five hours of lost time spent resolving breach-related issues. Customers not seeking reimbursement for losses can opt for a flat $50 payment ($75 for California residents). All claimants receive two years of free credit monitoring. The breach’s financial and reputational fallout is significant, with potential long-term trust erosion among customers. The lawsuit underscores the growing legal and operational risks companies face when failing to protect consumer data in an era of escalating cyber threats.

The Washington State Office of the Attorney General reported a data breach involving Francesca's Services Corporation on November 19, 2018. The breach occurred between December 28, 2017, and July 9, 2018, potentially affecting 1,148 Washington residents by capturing sensitive information during the checkout process due to unauthorized code present in a third-party vendor's application.