Cafe Zupas Data Breach Class Action

At Console & Associates, our data breach lawyers are closely examining the recent Cafe Zupas data breach. This data breach was disclosed following a cyber security incident at Cafe Zupas, which potentially exposed sensitive personal identifiable information including names and Social Security numbers of affected individuals.

What Happened?

A recent report from the Vermont Attorney General's Office states that the Cafe Zupas data breach occurred due to unauthorized access to the company's computer systems. The breach was discovered when Cafe Zupas detected suspicious activity within their network infrastructure. In response, the company implemented security measures and launched a comprehensive investigation with assistance from external cybersecurity experts.

The investigation revealed that between October 21, 2024 and October 23, 2024, an unauthorized actor gained access to portions of Cafe Zupas' computer systems containing confidential customer information. The compromised data includes:

• Names
• Social Security numbers

Data breach letters were sent out by Cafe Zupas on February 25, 2025, informing affected individuals about the nature of the incident and the specific types of personal information that may have been compromised in their individual cases.

Steps To Take If You Were Affected By A Data Breach

1. Monitor all accounts and credit reports closely
   1. Set up alerts for suspicious activity
   2. Review all financial statements thoroughly
   3. Request free credit reports and examine them for unauthorized entries
      
      
2. Consider freezing your credit
   1. Contact all three major credit bureaus to place a freeze
   2. Understand this prevents new accounts from being opened in your name
   3. Remember to temporarily lift the freeze when applying for legitimate credit
      
      
3. Look out for phishing attempts using information from the Cafe Zupas data breach
   1. Be wary of unexpected emails or messages claiming to be from Cafe Zupas
   2. Don't click on suspicious links or download unexpected attachments
   3. Verify all communications through official channels
      
      
4. Change passwords for affected accounts
   1. Create strong, unique passwords for each account
   2. Use a combination of letters, numbers, and special characters
   3. Consider using a password manager for better security
      
      
5. Enable two-factor authentication where possible
   1. Add this extra layer of security to all important accounts
   2. Use authenticator apps rather than SMS when available
   3. Keep backup codes in a secure location

For more detailed guidance, explore our “Guide for Victims of a Data Breach” to better understand measures you can take to protect yourself after a data breach.

Cafe Zupas Overview

Zullas LC, operating as Café Zupas LC, is a fast-casual restaurant chain with a business model centered on providing soups, salads, sandwiches, and bowl-style meals. Founded and headquartered in Sandy, Utah, the company has expanded its operations to include more than 70 restaurant locations across 15 states.

Cafe Zupas employs approximately 3,680 people throughout its operations and generates annual revenue estimated at $248 million. The company's growth strategy has focused on establishing restaurants that offer freshly prepared menu items using house-made components including dressings, spreads, and soups.

The restaurant chain maintains a menu structure designed to accommodate various dietary preferences and offers options influenced by diverse culinary traditions. Their operational model incorporates a fast-casual service approach while emphasizing ingredient quality and preparation methods.

Cafe Zupas Data Breach Victims Have Rights - Don’t Wait to Act

How do you know that you were affected by the Cafe Zupas data breach? Usually victims receive a NOTICE OF DATA BREACH in the mail, but the impact of a breach can be felt long before notices are sent to those affected. This can be in the form of fraudulent financial activity and other forms of identity theft.

If you believe you were affected, we encourage you to reach out to our data breach law firm for legal assistance through a no-cost consultation about your situation. We will review your eligibility to file a data breach class action lawsuit and discuss your legal rights and any compensation that may be available to you.

Complete our confidential contact form below and a member of our legal team will be in touch.