BIANUCCI v. RITE AID CORPORATION

• Court: District Court, E.D. Pennsylvania
• Decided: July 30, 2025
• Docket: 2:24-cv-03356
• Status: Unknown

Opinion

IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF PENNSYLVANIA

MARGARET BIANUCCI, et al. : CIVIL ACTION : v. : : RITE AID CORPORATION : NO. 24-3356

MEMORANDUM Bartle, J. July 30, 2025 In July of 2024, five putative class actions were filed in this court which alleged that Rite Aid Corporation, among other things, was negligent and in violation of certain state statutes with respect to a data breach which it discovered on June 6, 2024.1 In that breach, a third party acquired certain data, including names, addresses, dates of birth, and driver’s license numbers or other forms of government-issued identification presented at the time of purchase at certain Rite Aid locations between June 6, 2017, and July 30, 2018. Before the court is the motion of lead plaintiffs Margaret Bianucci, Kathryn Edwards, Erica Judka, and Faith Spiker for final approval of the settlement agreement (Doc. # 54) in this putative class action. The settlement consists of $6,800,000 in cash as well as injunctive relief. Out of this

1. These actions were consolidated in this docket, Bianucci v. Rite Aid Corporation, Civ. A. No. 24-3356 (E.D. Pa.). At that time, plaintiffs’ counsel, Andrew W. Ferich, Esq., Kevin Laukaitis, Esq., Thomas E. Loeser, Esq., Ashley Crooks, Esq., and Benjamin F. Johns, Esq., were appointed interim co-lead fund, lead plaintiffs seek to pay class members, attorneys’ fees, litigation expenses, service awards, and administrative expenses (Doc. # 51). I Lead plaintiffs filed their consolidated amended complaint (Doc. # 21) on September 16, 2024. It alleges that on June 6, 2024, Rite Aid learned that an unknown third party had

impersonated a Rite Aid employee in order to gain access to its business systems. Rite Aid determined that the third party acquired “certain data associated with the purchase or attempted purchase of specific retail products” between June 6, 2017 and July 30, 2018. That data included purchasers’ names, addresses, dates of birth, driver’s license numbers or other forms of identification. Plaintiffs assert that Rite Aid had a duty to implement and maintain reasonable and adequate security measures to protect its customers’ personal identifying information. According to the amended complaint, Rite Aid failed to notify affected individuals of this data breach until July 15,

2024. It offered credit monitoring and identity restoration services to those affected, which plaintiffs assert was inadequate to remedy the risks posed by the disclosure of the data. They aver that Rite Aid’s notice was also inadequate because it failed to explain how the data breach occurred or what steps it would take to prevent future breaches. Plaintiffs claim that Rite Aid’s conduct resulting in the data breach and its aftermath violated the California Consumer Privacy Act, Cal. Civ. Code §§ 1798.100, et seq. (Count VI), the California Unfair Competition Law, Cal. Bus. & Prof. Code §§ 17200, et seq. (Count VII), the California Customer Records Act, Cal. Civ. Code §§ 1798.80, et seq. (Count VIII), the Washington Consumer Protection Act, RCW §§ 19.86.010, et

seq. (Count IX), and the Ohio Consumer Sales Practices Act, ORC §§ 1345, et seq. (Count X). Plaintiffs also allege common-law claims of negligence (Count I), negligence per se (Count II), breach of fiduciary duty (Count III), unjust enrichment (Count IV), and breach of implied contract (Count V). On October 16, 2024, Rite Aid filed a motion to dismiss the consolidated amended complaint pursuant to Rule 12(b)(1) and 12(b)(6) of the Federal Rules of Civil Procedure. While that motion was pending, the parties participated in a mediation with Bennett Picker, Esq. on January 22, 2025. Shortly after the mediation, the parties informed this court

that a settlement had been reached in principle (Doc. # 37). The parties executed the settlement agreement on February 28, 2025 (Doc. # 38-2) and moved for preliminary approval of the settlement that same day. The court held the motion to dismiss in abeyance as a result. On March 4, 2025, this court granted preliminary approval and ordered that lead counsel disseminate notice of the class action settlement to the class on or before April 8, 2025 (Doc. # 40). As noted, the settlement consists of a common fund of $6,800,000. Settlement Agreement at ¶ 3.1, Bianucci v. Rite Aid Corp., Civ. A. No. 24-3356 (E.D. Pa. Feb. 28, 2025) (Doc. # 38-2) (“Settlement Agreement”). Class members were authorized

to file a claim for either a documented loss2 or a pro rata cash fund payment. The Settlement Agreement contemplated that payments would be distributed as follows: The Settlement Fund shall be used to make payments for the following: (i) Administrative Expenses, (ii) Fee Award and Costs, (iii) Service Award, and (iv) taxes. The remaining amount is the Net Settlement Fund. The Settlement Administrator will first apply the Net Settlement Fund to pay Approved Claims for Documented Loss Payments. The amount of the Net Settlement Fund remaining after all Documented Loss Payments are applied shall be referred to as the “Post DL Net Settlement Fund.” The Settlement Administrator shall then utilize the Post DL Net Settlement Fund to make all Cash Fund Payments pursuant to Section 3.2(b).

2. Class members that incurred losses in relation to the data breach could submit a claim of up to $10,000 in reimbursement. Members must submit reasonable documentation that the claimed loss was more likely than not a result of the data breach. Id. at ¶¶ 1.15, 3.2(a). Kroll, as the claims administrator, has the discretion to reject these claims. Class members that cannot timely cure their claim will be automatically considered for a cash fund payment. Id. Id. at ¶ 3.7. This payment is “designed to exhaust” the settlement fund. To the extent that funds remain more than 120 days after the initial distribution, “a subsequent Settlement Payment will be made evenly to all Class members with approved claims for Cash Fund Payments who cashed or deposited the initial payment they received,” provided such a payment will be equal or greater than $3.00 per person. Id. at ¶ 3.9. When the

total remaining results in a pro rata payment less than $3.00, the remaining funds will be distributed by agreement of the parties to a court-approved non-profit recipient. Id. The settlement agreement also requires Rite Aid to “adopt, maintain, and/or implement data and information security measures, at its expense, which are designed to strengthen Rite Aid’s data and information security.” Id. at ¶ 2.1. As part of its order preliminarily approving the settlement, the court also provisionally appointed interim class counsel, and provisionally certified the class under Rule 23(b)(3), defined as:

All residents of the United States whose Personal Information was compromised or potentially compromised in the Rite Aid Data Breach, including all persons who received notice of the Data Breach. Id. at ¶ 13.3 The court, on the recommendation of lead plaintiffs, also preliminarily appointed the experienced Kroll

3. This definition excludes “(1) the Judge(s) presiding over Settlement Administration LLC as the settlement administrator. The court scheduled a hearing for final approval for July 17, 2025. Pursuant to this court’s order, 2,038,179 copies of the settlement notice were provided to putative class members whose personal information was compromised as a result of the breach. Class members were able to opt-out or object to the

settlement on or before June 6, 2025. As of that date, twenty- four class members had opted-out of the settlement and no members had objected. On May 8, 2025, Rite Aid filed a suggestion of bankruptcy, and this court then stayed the action (Doc. # 44). On June 11, 2025, lead plaintiffs notified the court that the United States Bankruptcy Court for the District of New Jersey granted plaintiffs’ motion for relief from the automatic bankruptcy stay in order to seek final approval of the settlement (Doc. # 47). Since Rite Aid did not file for bankruptcy until after

notice of settlement was sent to class members, this court, after lifting the stay, ordered that the twenty-four class

staff; (2) Rite Aid, its subsidiaries, parent companies, successors, predecessors, and any entity in which Rite Aid or its parents, have a controlling interest, and its current or former officers and directors; (3) natural persons who properly execute and submit a Request for Exclusion prior to the expiration of the Opt-Out Period; and (4) the successors or assigns of any such excluded natural person.” Id. at ¶ 1.41. members who had previously opted-out of the settlement be given a second opportunity to file a proof of claim. The court allowed those class members to do so due to the significant change in circumstances caused by the subsequent bankruptcy. These individuals had until July 28, 2025 to submit a claim. Five of these individuals have now chosen to opt-in to the settlement, leaving nineteen remaining class members who have

not rescinded their opt-outs. There have been no objections to the settlement as of July 17, 2025.4 Kroll estimates that its notice program reached approximately 96.67% of class members. As of July 14, 2025, it has received 69,451 claim forms (a claim rate of 3.35%), 256 of which are documented loss claims.5 Kroll estimates that the pro rata payment will be $38.28 for the approximately 57,000 non- California residents. As the California state law provides for statutory damages, the roughly 11,800 California class members will receive double that amount, about $76.

4. On May 26, 2025, class member Bart McCann submitted a letter to this court (Doc. # 47). He stated that he was unable to file a claim for payment from the settlement. Since the court received this letter, the Settlement Administrator contacted McCann and confirmed that he had received the claim form. The court does not construe this communication as an objection to the settlement. 5. Kroll estimates that approximately 10%, or 26 documented loss claims, will be substantiated with reasonable documentation. Claims for documented loss which cannot be substantiated will automatically be provided with a pro rata cash fund payment. Settlement Agreement, at ¶ 3.2(a). As of July 17, 2025, Kroll has billed $1,008,079.11 in administrative expenses and estimates that it will ultimately bill a total of $1,233,500. This estimate is “subject to change depending on factors such as the number of Claim Forms remaining to be reviewed, number of Claim Forms filed, number of Settlement Payments to be made by check, and/or any Settlement administration scope change not currently under consideration.”

Class counsel asserts that, should a second distribution be necessary, Kroll’s administrative expenses will not exceed $1,300,000. Again, the settlement agreement contemplates that such expenses will be satisfied from the $6,800,000 settlement fund. See Settlement Agreement at ¶ 3.7. Rite Aid reserved the right to oppose lead plaintiffs’ request for attorneys’ fees. The Settlement Agreement states: The Settlement is not conditioned upon the Court’s approval of an award of Class Counsel’s Fee Award and Costs or Service Awards. Rite Aid reserves the right to oppose or challenge Plaintiffs’ request for Class Counsel’s Fee Award and Costs, and Class Representative Service Awards. Id. at ¶ 9.3. Rite Aid has not filed any objection to the pending motion for attorneys’ fees. Now, lead plaintiffs seek final approval of the settlement agreement (Doc. # 54) as well as attorneys’ fees of $2,380,000, that is 35% of the settlement amount, as well as $40,697.43 in litigation costs and expenses. Finally, each of the four plaintiffs, as a class representative, requests $3,500 as a service fee for a total of $14,000 (Doc. # 51). II A district court may only approve a settlement of class action litigation after a hearing and upon finding that the settlement is “fair, reasonable, and adequate.” Fed. R. Civ. P. 23(e)(2).

Our Court of Appeals has identified nine factors to guide the lower courts in approving proposed class action settlements. See Girsh v. Jepson, 521 F.2d 153, 157 (3d Cir. 1975). Those factors are: (1) The complexity, expense, and likely duration of the litigation; (2) the reaction of the class to the settlement; (3) the stage of the proceedings and the amount of discovery completed; (4) the risks of establishing liability; (5) the risks of establishing damages; (6) the risks of maintaining the class action through the trial; (7) the ability of the defendants to withstand a greater judgment; (8) the range of reasonableness of the settlement fund in light of the best possible recovery; and (9) the range of reasonableness of the settlement fund to a possible recovery in light of all the attendant risks of litigation. In re Warfarin Sodium Antitrust Litig., 391 F.3d 516, 534-35 (3d Cir. 2004) (citing Girsh, 521 F.2d at 156-57). The court should presume that a settlement was fair if it makes a preliminary finding that (1) the settlement was developed as a result of arms’ length negotiations; (2) there was sufficient discovery in the litigation; (3) proponents of the settlement are experienced in similar litigation; and (4) only a small fraction of the class objected. In re Cendant Corp. Litig., 264 F.3d 201, 232 n.18 (3d Cir. 2001). The law favors settlement of class action litigation. In re General Motors Corp. Pick-Up Truck Fuel Tank Prods. Liab. Litig., 55 F.3d 768, 784 (3d Cir. 1995). Such settlement

conserves valuable judicial resources, avoids the expense of formal litigation, and resolves disputes that would otherwise linger for years. See id. The parties engaged in a full-day mediation session with Bennett Picker, Esq., a well-respected mediator with experience in data breach class actions. The involvement of a neutral mediator demonstrates that these negotiations were conducted at arm’s length. See Utah Ret. Sys. v. Healthcare Servs. Grp., Civ. A. No. 19-1227, 2022 WL 118104, at *8 (E.D. Pa. Jan. 12, 2022). Lead counsel’s respective resumes demonstrate that they have extensive experience in the field.

The parties entered the mediation after briefing on defendant’s motion to dismiss and engaging in discovery. After reaching a settlement, plaintiffs also engaged in further confirmatory discovery. Finally, out of over two million class members who were notified, no class member has objected to the settlement. Accordingly, the court presumes that this settlement is fair. Regardless of this presumption, the court will nevertheless evaluate the settlement in light of the factors enunciated by our Court of Appeals in Girsh. The first Girsh factor is the complexity, expense, and likely duration of the litigation. First, the court would need to resolve defendant’s motion to dismiss, which is still pending and involves threshold questions of standing and adequacy of

plaintiffs’ pleading. Assuming plaintiffs surmount these hurdles, continuing to litigate the case would have required further discovery, including expert reports and a costly “battle of the experts.” Choosing to forgo settlement at this stage would also jeopardize the amount available to the class. The bankruptcy court’s decision to lift the stay as to this action was contingent on the fact that the settlement would be paid out solely through Rite Aid’s insurance carrier, rather than through its own assets. Spending more time proving these claims before the court would merely increase expenses without increasing the total recovery to the class. If plaintiffs sought remuneration

beyond Rite Aid’s insurance carrier, recovery would have been uncertain. As a result of the bankruptcy, the class members would have to seek judgments as unsecured creditors. They are far less likely to recover money under these circumstances. See Barletti v. Connexin Software, Inc., Civ. A. No. 22-4676, 2024 WL 3564556, at *5 (E.D. Pa. July 24, 2024). The first factor clearly favors approval of the settlement. The second Girsh factor is the “reaction of the class to the settlement.” As stated above, over 65,052 claims have been submitted, and only nineteen class members have requested to opt-out of the settlement. No member of the class has objected to the award. The lack of any objection supports

approval of the settlement. The third Girsh factor which the court must evaluate is the stage of the proceedings and the amount of discovery completed. The court must “determine whether counsel had an adequate appreciation of the merits of the case before negotiating.” Warfarin, 391 F.3d at 537 (quoting Cendant, 264 F.3d at 235). Although the case had only been pending for four months prior to settlement, plaintiffs’ counsel interviewed the lead plaintiffs and assert that they engaged in robust pre- mediation discovery as well as additional confirmatory discovery from Rite Aid. This factor weighs neither in favor nor against

approval of the settlement. Next, the court will take into account the potential risks that lead plaintiffs would encounter in establishing liability as set forth in the fourth Girsh factor. First, lead plaintiffs would still have to defend its amended complaint from Rite Aid’s pending motion to dismiss, which challenges plaintiffs’ standing and the adequacy of their allegations. Additionally, plaintiffs would face additional obstacles in obtaining class certification, securing and defending the opinions of their experts, and surviving a motion for summary judgment from defendant. Class certification, once achieved, would need to be maintained throughout the litigation. An analysis of this factor favors the settlement.

Girsh states as the fifth factor that the court should weigh the potential risks that lead plaintiffs would confront in establishing damages. Data breach cases such as this one are uniquely difficult because in order to recover, plaintiffs must show that they suffered as a result of the data breach. See, e.g., In re Healthec LLC Data Breach Litig., Civ. A. No. 24-26, 2025 WL 1603267, at *9 (D.N.J. June 6, 2025). Due to these clear risks in establishing damages, this factor favors settlement. The court next turns to the sixth Girsh factor, the risks to the lead plaintiffs in maintaining their litigation

through trial. Even when there is class certification, it is always possible the class will be decertified. Warfarin, 391 F.3d at 537. This risk shows this factor favors approval of settlement. The seventh Girsh factor directs the court to consider “whether the defendants could withstand a judgment for an amount significantly greater” than the settlement reached. Cendant, 264 F.3d at 240. Rite Aid, which is currently in Chapter 11 bankruptcy, is unlikely to be able to withstand a greater judgment. The bankruptcy court lifted its stay as to this action contingent on the fact that the settlement is funded by money available under its applicable insurance policy. This factor weighs heavily in favor of settlement.

The final two Girsh factors are the range of reasonableness of the settlement in light of both the best possible recovery and the attendant risks of litigation. The court must decide whether the settlement “represents a good value for a weak case or a poor value for a strong case.” Lead plaintiffs do not present any evidence as to the percentage of losses that the class will recoup but emphasize that the present value of the settlement is guaranteed. Again, proceeding to trial, or otherwise continuing to litigate this case, poses significant risks. The class is unlikely to reap a greater recovery as a result of Rite Aid’s pending Chapter 11

bankruptcy. Due to the bankruptcy, the settlement before the court is reasonable as the settlement, within the bounds of Rite Aid’s insurance policy, is a reasonable total and avoids the real risks and uncertainty posed by maintaining a suit for damages against a party in bankruptcy. These two factors counsel toward approval of the settlement. Finally, the court must consider the reasonableness of Kroll’s request for its administrative expenses. So far, it has expended $1,008,079.11 in administrative expenses, largely attributable to the high cost of mailing notice to over two million class members. It anticipates that its total expenses will be $1,233,500, but as noted, Kroll has represented that its administrative expenses could be higher if additional

distributions of the settlement fund are required. In any event, it expenses will not exceed $1,300,000. The parties contemplated that the administrative expenses would be paid prior to any distribution to class members. Settlement Agreement, at ¶ 3.7. Kroll was chosen after a competitive bidding process and class counsel represented at the final approval hearing that these administrative expenses are “not surprising” based on the time and effort expended by the administrator. The court finds that payment to Kroll of up to $1,300,000 in administrative expenses to be reasonable.

Accordingly, the court finds that the settlement is fair, reasonable, and adequate. It will be approved. III

As stated above, the court granted provisional approval of a settlement class in its order granting preliminary approval of the settlement. A court may not grant final approval of a settlement unless the class meets all prerequisites of Rule 23. See In re General Motors Corp. Pick- Up Truck Fuel Tank Prods. Liab. Litig., 55 F.3d 768, 797 (3d Cir. 1995). Plaintiffs seek approval of a Rule 23(b)(3) class composed of “[a]ll residents of the United States whose Personal Information was compromised or potentially compromised in the Rite Aid Data Breach, including all persons who received notice

of the Data Breach.” First, any class must meet the prerequisites set forth in Rule 23(a): numerosity, commonality, typicality, and adequacy of representation. Numerosity is typically satisfied when a class exceeds forty members – this settlement class of approximately two million individuals far exceeds that number. See in re Processed Egg Prod. Antitrust Litig., 284 F.R.D. 249, 260 (E.D. Pa. 2012). There are common questions of law and fact that must be answered regarding the class. Significantly, to establish liability a factfinder must determine whether Rite Aid had a

duty to protect plaintiffs’ information from unauthorized disclosure and theft. Whereas here plaintiffs suffer from the same data breach, commonality has been satisfied. See In re Phila. Inquirer Data Sec. Litig., Civ. A. No. 24-1206, 2025 WL 845118, at *5 (E.D. Pa. Mar. 18, 2025). The inquiries of typicality and adequacy “tend to merge” because they both consider potential conflicts and whether the claim of the named plaintiffs is so interrelated to the claim of the class such that the class can be fairly and adequately protected. Beck v. Maximus, Inc., 457 F.3d 291, 296 (3d Cir. 2006). The claims of the named plaintiffs are typical of the class – like the class members, the security of their

data was compromised as a result of the data breach suffered by Rite Aid and its customers. Finally, plaintiffs and class counsel adequately represent the class. There is no apparent conflict between the named plaintiffs and the absent class members. In re Flat Glass Antitrust Litig., 191 F.R.D. 472, 482 (W.D. Pa. 1999). Class counsel also negotiated this settlement agreement with years of experience with class actions generally, and data breach class actions more specifically. In sum, the court finds that the class satisfies the prerequisites set forth in Rule 23(a). Next, the court turns to whether the class may be

certified under Rule 23(b)(3). This provision is often referred to as the “money damages” class. It allows for certification when “the court finds that the questions of law or fact common to class members predominate over any questions affecting only individual members and that a class action is superior to other available methods of fairly and efficiently adjudicating the controversy.” Fed. R. Civ. P. 23(b)(3). In making this finding, the court considers: (A) the class members’ interests in individually controlling the prosecution or defense of separate actions; (B) the extent and nature of any litigation concerning the controversy already begun by or against class members; (C) the desirability or undesirability of concentrating the litigation of the claims in the particular forum; and (D) the likely difficulties in managing a class action. Id. This Rule requires that potential class members be notified of the pending litigation and provided an opportunity to opt-out from the class. Wal-Mart Stores, Inc. v. Dukes, 564 U.S. 338, 362 (2011). Predominance “asks whether common issues of law or fact in the case predominate over non-common, individualized issues of law or fact.” Neale v. Volvo Cars of N. Am., LLC, 794 F.3d 353, 370 (3d Cir. 2015). The presence of individual questions does not bar a finding of predominance, but such individualized issues cannot “overwhelm” common ones. Id. at 371. Questions as to Rite Aid’s obligations to safeguard the class members’ personal information and as to its duty to the class can be answered in the aggregate. Individualized questions of injury do not predominate over these common liability questions, and for this reason the requirement of predominance is satisfied. Finally, certification pursuant to Rule 23(b)(3) is appropriate if a “class action is superior to other available methods for the fair and efficient adjudication of the controversy.” Litigating these cases individually would not be feasible. Each class member has relatively low damages, and the cost of litigating the individual claim would not be worth it. Proceeding as a class action permits class members with small

claims to vindicate their rights. Accordingly, the court will certify the class under Rule 23((b)(3). IV Lead plaintiffs also seek approval of fees for lead counsel in the amount of $2,380,000, that is 35% of the settlement fund. Under the settlement agreement before the court, the parties agreed that Class Counsel may file a motion seeking an award of attorneys’ fees of up to 35% of the Settlement Fund . . . no later than 14 days prior to the Objection Deadline. The motion for a Fee Award and Costs shall be posted on the Settlement Website. The Settlement Administrator shall pay any attorneys’ fees, costs, and expenses awarded by the Court to Class Counsel in the amount approved by the Court, from the Settlement Fund, within 5 Business Days after the Effective Date. Settlement Agreement at ¶ 9.1. At oral argument, class counsel represented that they had a “handshake” agreement as to how the fees would be distributed among the team’s five firms. After a class is certified under Rule 23, the court “may award reasonable attorney’s fees and nontaxable costs that are authorized by law or by the parties’ agreement.” Fed. R. Civ. P. 23(h). Both the Supreme Court and our Court of Appeals favor calculation of attorney’s fees as a percentage of class recovery. See Boeing Co. v. Van Gemert, 444 U.S. 472, 478-79 (1980); In re AT&T Corp., 455 F.3d 160, 164 (3d Cir. 2006).

In determining the reasonableness of a proposed award for counsel in class action settlements such as this, our Court of Appeals has stated that a district court should consider the following seven so-called Gunter factors: (1) the size of the fund created and the number of beneficiaries, (2) the presence or absence of substantial objections by members of the class to the settlement terms and/or fees requested by counsel, (3) the skill and efficiency of the attorneys involved, (4) the complexity and duration of the litigation, (5) the risk of nonpayment, (6) the amount of time devoted to the case by plaintiffs’ counsel, and (7) the awards in similar cases. Gunter v. Ridgewood Energy Corp., 223 F.3d 190, 195 n.1 (3d Cir. 2000) (citing In re Prudential Ins. Co. of Am. Sales Pracs. Litig. Agent Actions, 148 F.3d 283, 336-40 (3d Cir. 1997)). If the court does not reach a conclusion upon consideration of the Gunter factors, it may conduct a lodestar cross-check. Cendant, 264 F.3d at 284-85. First, the court will take into account the size of the fund created and the number of beneficiaries. Lead plaintiffs achieved a cash settlement of $6.8 million potentially to benefit up to 2.2 million class members. If each class member affected filed claim for a pro rata cash payment, each individual would receive a payment of $3.09 from the settlement fund. It is unlikely each class member will file a

claim. As of July 17, 2025, 69,451 had done so. It is estimated that non-California class members will receive $38.28 pro rata, with California residents receiving twice that amount. Even in light of the large class size, class counsel has achieved a larger recovery per class member than other recently approved settlements in data breach class actions. See Barletti, 2024 WL 3564556, at *1; see also In re NCB Mgmt. Servs., Inc. Data Breach Litig., Civ. A. No. 23-1236, 2025 WL 1397414, at *1 (E.D. Pa. May 13, 2025). This factor supports the approval of the fee. The court reiterates that no class member has objected

to the settlement. Thus, the reaction of the settlement class, the second Gunter factor, weighs in favor of approval of the attorneys’ fee requested. The third Gunter factor is the skill and efficiency of the attorneys involved. Lead counsel are highly experienced in data privacy and class action litigation and was chosen specifically due to their expertise. Counsel was also notably efficient in resolving these claims before Rite Aid declared bankruptcy. After the bankruptcy, they promptly secured leave from the bankruptcy court to continue to seek approval of the settlement, ensuring that class members could be provided with remuneration rather than waiting for payment as unsecured creditors in lengthy bankruptcy proceedings. This factor

clearly weighs in favor of approval of the fee request. The fourth Gunter factor is the complexity and duration of the litigation. Although this litigation has only been pending for about ten months, it has been complex. Lead counsel dealt with Rite Aid’s intervening bankruptcy. Their work in this respect was admirable. After receiving notice of the bankruptcy, they promptly obtained leave from the bankruptcy court to continue with the settlement process conditional on payment of the settlement by Rite Aid’s insurance carrier. Counsel’s expedition meant that there was no delay in notice or claims processing for the class. Counsel could not have secured

a better outcome for the class. These circumstances favor the granting of the award of attorneys’ fees. The court, pursuant to the fifth Gunter factor, considers the risk of nonpayment. Lead counsel represented the class on an entirely contingent basis. The risk created by representing a party on a contingent fee basis “militates in favor of approval.” In re Viropharma Inc. Sec. Litig., Civ. A. No. 12-2714, 2016 WL 312108, at *17 (E.D. Pa. Jan. 25, 2016) (citing In re Schering-Plough Corp. Enhance ERISA Litig., Civ. A. No. 08-1432, 2012 WL 1964451, at *7 (D.N.J. May 31, 2012)). The risk of nonpayment in this action is even greater, as lead counsel faced Rite Aid’s bankruptcy during claims processing. The significant risk of nonpayment counsels toward the granting

of the fee award. The court turns to the sixth Gunter factor, which concerns the amount of time lead counsel devoted to this action. They have certified that they worked 1,135.04 hours on this litigation. This amount of time is reasonable. Lead counsel’s time supports this award of the attorneys’ fees. Finally, under the seventh Gunter factor, the court will compare this proposed award to awards in similar cases. An award of approximately 35% of the settlement fund is typical for lead counsel in data breach class action settlements in this district. See, e.g., Gravely v. PetroChoice, LLC, Civ. A. No.

19-5409, 2022 WL 2316174, at *2 (E.D. Pa. June 28, 2022); Barletti, 2024 WL 3564556, at *1. An attorneys’ fee of 35% of the settlement here is fair and reasonable. The calculation of the lodestar does not require a different result.6 The award of attorneys’ fees requested will be approved. V Lead plaintiffs also seek an award to lead counsel to reimburse them for litigation expenses. Again, Rule 23 permits parties to seek nontaxable costs after certification of a class

upon the agreement of parties. See Fed. R. Civ. P. 23(h). In the Settlement Agreement, the parties agreed that “Class Counsel may file a motion seeking . . . reasonably incurred litigation expenses and costs . . . no later than 14 days prior to the Objection Deadline.” Settlement Agreement, at ¶ 9.1. Counsel incurred a total of $40,697.43 in expenses. Ahdoot & Wolfson, PC, incurred $16,267.52, Shub Johns & Holbrook LLP incurred $14,906.34, Laukaitis Law LLC incurred $2,622.94, Cotchett Pitre & McCarthy LLP incurred $3,150.29, and Hausfeld LLP incurred $3,750.34. Such expenses include the costs of the mediation, legal research, photocopying, and court fees.

6. The lodestar is the number of hours class counsel worked multiplied by the reasonably hourly billing rate for the services rendered. In re AT&T Corp., 455 F.3d at 164. Class counsel expended a total of 1,183.04 hours litigating this matter, which the court finds reasonable. The court also finds its hourly rates, which range from $1,300 to $850 for partners, $800 to $520 for associates, and $350 to $150 for support staff, to be reasonable in this market. Multiplying the individual’s hourly rate by their hours worked, class counsel’s total lodestar is $890,284.25. Requesting litigation expenses is standard practice. See McDonough v. Toys R Us, Inc., 80 F. Supp. 3d 626, 658 (E.D. Pa. 2015). As stated in Lachance v. Harrington, “there is no doubt that an attorney who has created a common fund for the benefit of the class is entitled to reimbursement of his reasonable litigation expenses from that fund.” 965 F. Supp. 630, 651 (E.D. Pa. 1997). Such expenses must be well documented

and not only contain the total expense for a category of service, but also a breakdown of the “price per unit and the number of units consumed[.]” Id. Lead counsel submitted expense reports that identify the total expenses by category. Such expenses were reasonable and their payment will be approved. VI Finally, lead plaintiffs seek an award of $3,500 for each lead plaintiff, for a total of $14,000. Incentive awards are common in class actions, especially in cases where a common fund has been created to benefit the entire class. In re

Flonase Antitrust Litig., 291 F.R.D. 93, 106 (E.D. Pa. 2013). Lead plaintiffs were interviewed by class counsel regarding their claims, provided relevant documents and information, reviewed and approved the settlement demand, its final amount, and the Settlement Agreement. These awards are in line with payments made to lead plaintiffs in similar actions. See, e.g., In re CertainTeed Corp. Roofing Shingle Prods. Liab. Litig., 269 F.R.D. 468, 476 (E.D. Pa. 2010). The court will approve the payment of $3,500 to each lead plaintiff - Margaret Bianucci, Kathryn Edwards, Erica Judka, and Faith Spiker.