XML 25 R15.htm IDEA: XBRL DOCUMENT v3.4.0.3
LEGAL CONTINGENCIES
3 Months Ended
Apr. 30, 2016
Commitments and Contingencies Disclosure [Abstract]  
LEGAL CONTINGENCIES

NOTE 9: LEGAL CONTINGENCIES

 

On August 10, 2015, following an investigation by a third-party cyber-security firm, the Company reported that there had been unauthorized access to two Company servers through which payment card data is routed. The investigation uncovered malware on the two servers beginning on March 23, 2015, and that malware operated on one server until April 8, 2015 and on the other server until April 24, 2015.  The malware was designed to search only for "track 2" data—data from the magnetic stripe of payment cards that contains only the card number, expiration date and verification code.  During this time period, track 2 data was at risk of disclosure; however, the third-party cyber-security firm did not find evidence that track 2 data was removed from the Company’s system.  No other customer information was involved.  The malware has been removed from the Company’s system, and the Company has implemented and is continuing to implement enhanced security measures to prevent similar events from occurring in the future.  On October 22, 2015, the Company received an assessment from MasterCard relating to this incident in the amount of approximately $2.9 million.  The Company paid the assessment on February 26, 2016 after its appeal was denied.  The Company has reached a settlement with Discover to make certain security improvements, which if made, will not require the Company to make any payment to Discover related to the incident.  The Company is in the process of making these security improvements.  American Express has also issued an assessment related to the incident of $52,525.  The Company is in discussions with American Express concerning this assessment.   The Company has not yet received an assessment from Visa.  On October 15, 2015, a lawsuit entitled Southern Independent Bank v. Fred’s, Inc. was filed in the United States District Court, Middle District of Alabama related to the data security incident.  The Complaint alleges on behalf of the plaintiff and financial institutions similarly situated (“alleged class of financial institutions”) that the Company was negligent in failing to use reasonable care in obtaining, retaining, securing and deleting the personal and financial information of customers who use debit cards issued by the plaintiff and alleged class of financial institutions to make purchases at Fred’s stores.  The complaint also alleges that the Company made negligent misrepresentations that the Company possessed and maintained adequate data security measures and systems that were sufficient to protect the personal and financial information of shoppers using debit cards issued by the plaintiff and alleged class of financial institutions.  The complaint seeks monetary damages and equitable relief to be proved at trial as well as attorneys’ fees and costs.  The Company has denied the allegations and has filed a motion to dismiss all claims, which is currently pending before the Court. Future costs or liabilities related to the incident may have a material adverse effect on the Company.  Costs may include liabilities to payment card networks for reimbursement of payment card fraud and reissuance costs, liabilities from current and future civil litigation, governmental investigations and enforcement proceedings, as well as legal and investigative costs.  The Company has cyber-security risk insurance with a $10 million limit and a sub-limit of $250,000 for fines and liabilities to payment card networks, which will offset some of these costs.

 

On January 21, 2016, a lawsuit styled as Stephanie Bryant, on behalf of herself and others similarly situated v. Fred’s Stores of Tennessee, Inc. was filed in the United States District Court, Southern District of Mississippi.  The complaint alleges that plaintiff and other store managers were improperly classified as exempt employees under the Fair Labor Standards Act.  The complaint seeks declaratory and monetary relief for overtime compensation that plaintiff alleges was not paid as well as costs and attorneys’ fees.  The Company denies the allegations and believes that its managers are appropriately classified as exempt employees.

 

In addition to the matters disclosed above, the Company is party to several pending legal proceedings and claims arising in the normal course of business.  Although the outcomes of these proceedings and claims against the Company cannot be determined with certainty, management of the Company is of the opinion that these proceedings and claims should not have a material adverse effect on the Company’s financial statements as a whole.  However, litigation involves an element of uncertainty.  Future developments could cause these actions or claims, individually or in aggregate, to have a material adverse effect on the Company’s financial statements as a whole.