Current Events in September 2017

Fast food giant SONIC has suffered a breach of its payment systems according to IT security blog KrebsOnSecurity.

With more than 3,500 U.S. locations, the breach could be a significant one, but it’s currently unknown how many SONIC restaurants have been affected. The report said SONIC has confirmed the breach and says its efforts are ongoing as it works to "understand the nature and scope of the issue.”

The breach apparently came to light when banks began noticing a pattern of fraudulent transactions on cards that had all been previously used at a SONIC location. After that, investigators noticed a batch of five million credit card numbers being sold on the Dark Web at discount prices. An analysis of a sample of the accounts confirmed that they had previously been used at SONIC.

Under investigation

SONIC said law enforcement is involved in the case and the company will reveal more information when it can.

While a credit card data breach is damaging, it is more damaging to businesses and card processors than consumers. By law, consumers' liability in fraudulent use of credit cards is limited if the incident is promptly reported.

If you have used a debit or credit card at a SONIC location in recent months, you should notify the fraud department of the bank or credit card company that issued the card. In many cases, the card will be deactivated and a new card will be issued.

A survey by personal finance site NerdWallet finds consumers remain largely unaware that their banks' overdraft "protection" is optional, costing them $100 or more in fees each year.

In 2010, Congress enacted a law requiring banks to allow customers to "opt-in" to this service, in which the bank covers the deficit if a customer makes a debit charge with insufficient funds. However, the bank charges at least a $30 fee for this service. Before the law was passed, banks automatically enrolled their customers.

But the NerdWallet survey, conducted by the Harris Poll, found 66% of consumers are unaware of their legal option to pass this up.

Being unaware of the law, however, does not mean consumers get automatically signed up -- they still have to opt-in. So why are an estimated eight million consumers enrolled in their banks' overdraft programs?

Eight million have opted-in

"Overdraft coverage sounds like a good deal, but it’s usually better to steer clear of it," the NerdWallet editors write. "It means banks may charge you a hefty fee when transactions– including debit card swipes–cause your account to drop below zero."

If you make a debit purchase that overdraws your account without overdraft protection, the purchase is simply declined at the point of sale. It alerts you if you have insufficient funds in your account, but more importantly, it does not trigger a fee.

$3.5 billion in unnecessary fees

The NerdWallet editors estimate the eight million consumers who are enrolled in bank overdraft protection end up paying over $3.5 billion in unnecessary fees. A NerdWallet analysis of data from the Consumer Financial Protection Bureau (CFPB) estimates a consumer who frequently overdraws his or her account pays about $442 in overdraft fees each year.

The CFPB has found that the transaction amount on a debit card that leads to an overdraft is quite small -- the median was $24 in 2014. Factor in a $35 overdraft fee, and the real cost of the transaction is $59.

“If you’re in danger of getting hit with an overdraft fee, then it’s worth asking yourself if your next purchases are really worth the price that you could pay; often the answer is ‘no,’” said Kimberly Palmer, NerdWallet’s in-house expert on credit cards and banking.

Consumers get enrolled in these overdraft programs when their banks send them marketing material, promoting it as a helpful feature. Unless you specifically notify the bank you would like to be covered, it cannot charge a fee when you make a debit purchase with insufficient funds.

A new study published in the Journal of Applied Psychology finds that college graduates who binge drink multiple times per month are less likely to be hired.

Researchers from Tel Aviv University and Cornell University say that applicants are 1.4 percent less likely to land a job for each instance of binge drinking throughout any given month. They define “binge drinking” as having four or more alcoholic drinks within two hours for women, or five or more alcoholic drinks within two hours for men.

"The manner in which students drink appears to be more influential than how much they drink when it comes to predicting the likelihood of getting a job upon graduation," said study co-author Professor Peter Bamberger.

The study analyzed 827 participants who graduated from Cornell, the University of Washington, the University of Florida, and the University of Michigan between 2014 and 2016. The researchers found that non-binge pattern drinking didn’t affect prospective employment, but the likelihood of negative outcomes built quickly as soon as drinking behaviors hit binge levels.

"A student who binge-drinks four times a month has a 6 percent lower probability of finding a job than a student who does not engage in similar drinking habits. Those students who drank heavily six times a month increased their unemployment probability to 10 percent," said Bamberger.

While the study results may be shocking to some, previous studies suggest that binge drinking among college students is actually declining overall. The National Institute on Alcohol Abuse and Alcoholism (NIAAA) says that binge drinking declined every year from 2005 to 2014 among college students; however, excessive drinking was still found to be problematic among non-college students.

As Autumn moves in, that big leaf pile may look like lots of fun, but pet owners should take care to avoid letting their dogs dive into one that’s been sitting awhile. Leaf piles can harbor mold, ticks, and other fall irritants that can adversely affect dogs' health.

For some dogs, damp leaf piles -- which often contain mold and bacteria -- can be a source of an allergic reaction. To tell if your dog is bothered by leaf mold, veterinary experts recommend keeping an eye out for sniffling, sneezing, and other symptoms of a mold allergy.

“Mold-allergic dogs sneeze frequently, and they may develop a cough or have watery eyes,” say the experts at VetInfo.com. “Other dog-specific signs of a mold allergy include recurring ear infections and licking, scratching, and biting at their skin because it becomes itchy.”

Allergy-inducing mold spores are less of a concern for freshly raked piles, but old leaf piles are the perfect environment for spores and bacteria to breed, experts say.

Sticks and ticks

In addition to mold, leaf piles may conceal sticks and branches. Pointy pieces raked up with leaves can cut or wound pets and lead to costly vet bills, according to the experts at pet insurance company Petplan.

“While it is a rare occurrence, getting impaled by a sharp stick can (and does) happen, whether while jumping in a leaf pile, running through the woods, or playing a rousing game of fetch,” says Petplan, adding that puncture wounds stemming from stick impalement cost an average of $646 to treat.

Leaf piles that have been sitting for a few days may also contain snakes, ticks, and other bugs. The older the pile of leaves, the higher the risk that it has become home to these creatures.

Poison plants

Additionally, red maple leaves, wild mushrooms, and fallen chestnuts (or “conkers”) pose a health hazard to dogs. The leaves of red maple trees can impair red blood cell function in dogs, while conkers -- which contain a poison called aesculin -- can be toxic if ingested in large quantities.

Signs of poisoning in dogs include vomiting, diarrhea, weakness, lethargy, excessive drooling, and lack of coordination. Call your vet immediately if your dog has any of these symptoms after ingesting an unknown plant.

While indoors is the safest place for your pet to be during yard work, the experts at Petplan say there is likely no harm in letting your pooch play in freshly raked piles of leaves that have been checked for sticks.

Chrysler (FCA US LLC) is recalling 22,242 model year 2017-2018 Jeep Cherokee.

Tire and rim size information required on the certification label was omitted during manufacturing, which may result in an incorrect tire and rim combination being installed on the vehicle.

As such, these vehicles fail to comply with the requirements of Federal Motor Vehicle Safety Standard (FMVSS) number 110, "Tire Selection and Rims."

The missing information could lead to an incorrect combination of tire and rim being installed on the vehicle, increasing the risk of a crash.

What to do

Chrysler will notify owners and will provide a corrected certification label, free of charge. The recall is expected to begin October 20, 2017.

Owners may contact Chrysler customer service at 1-800-853-1403. Chrysler's number for this recall is T53.customer service at 1-800-525-7417.

Despite sky-high sales, Samsung has faced criticism about the durability of its Galaxy smartphones, and the performance of Samsung’s newest Galaxy S8 and S8+ models in water may once again prove to be a disappointment to customers. 

Before competitors like Apple debuted their own sturdier, more water-resistant devices, Samsung led the pack last year with a commercial showing Lil Wayne dousing his Galaxy S7 Edge in champagne. Reviewers celebrated the new generation of Galaxy smartphones and their supposed ability to withstand up to 30 minutes of water exposure. 

But the Galaxy S7 Active model failed water dunking tests conducted by Consumer Reports later that year. Facing criticism, Samsung agreed to give S7 Active owners a free exchange if they encounter “issues related to water damage.” Even then, the warranty only applied to people who had their phones for less than a year.

In subsequent marketing material, Samsung assured customers that the apparent problem had been corrected. Samsung’s new Galaxy S8 and S8+ models “are water and dust resistant, faster, and more efficient...,” an advertisement says. Which means what exactly? "...which means you are too,” the S8 advertisement says.

But Samsung’s promises are only as good as its guarantees. If the Galaxy S8 phones prove to also hold up poorly in water, just as the S7 Active did, can customers get a new phone, or at least their $800 refunded? This is a question that Samsung has yet to answer. 

The dreaded “moisture detected”

My husband purchased the Galaxy S8+ largely because of its advertised durability, including the IP68 label certifying the phone can handle submersion in up to five feet of water for thirty minutes. Consumer Reports, the independent testers who exposed the flaws in the S7 Active, gave glowing reviews of the S8 models. The organization dunked the S8 phones in pressurized tanks and reported that they operated normally “right after” retrieving them and continued to function well 24 hours later.

Based on this, we weren’t very worried when my husband's phone fell out of his pocket at a marina several weeks ago. He quickly snatched the phone from the water and it seemed to work fine immediately afterward. 

When he tried to charge the Galaxy that evening a notice appeared: moisture detected in the port. We tried placing the phone on rice and on a fan for days at a time, but the phone still refused to charge due to “moisture." 

Of course, Samsung Galaxy owners have experienced far worse catastrophes than this -- the recall of the Samsung Galaxy Note 7 phones due to their occasional tendency to explode has left a major dent on the company’s reputation. But with no working battery, my husband's Galaxy was as good as useless. By our estimates, the phone wasn’t in the water for longer than ten seconds.

This does not appear to be a problem that is unique to us. YouTube videos and user-submitted comments online – including a forum on the Samsung webpage itself – tell similar stories of a Galaxy S8 that will not charge because of “moisture detected.” 

One commenter on the Samsung site said that her S8 was “barely splashed” before the moisture detection notice appeared. Another with the same problem couldn’t recall her phone ever being exposed to water at all. 

Based on users’ online comments, no official policy is in place from Samsung for these scenarios, meaning customers are left to effectively wait and see what the company tells them.

The AT&T website is clear when it comes to its older model, the Galaxy S7. Samsung will replace  “any Galaxy S7 active under its standard limited warranty, should water damage occur,” the company tells customers.

When my husband and I visited our local AT&T store for help, workers were fairly certain that the S8+ should also be covered for water damage under that same warranty, and we were told to contact Samsung directly. 

The customer service representative at the Samsung call center deflected when I told her that we dropped the phone in water for just a moment. The Galaxy S8 “is water resistant,” she said, “not waterproof.”

She said that Samsung would consider repairing the phone, if we were willing to send it in and wait at least five business days while they inspected it. Given the vagueness and lack of documentation, we opted to pay our insurance deductible instead.

Samsung won’t disclose its policy to reporters

When contacted repeatedly by ConsumerAffairs, Samsung’s press team refused to explain how it handles water-damage claims for the S8 phones, agreeing only to comment on the S8 off the record.   

Paraphrasing the “off the record” information, I was given points nearly identical to Samsung’s advertising that did not answer whether water damage is covered by a warranty. A press release I was sent did nothing to clarify the issue.

Samsung later agreed to send ConsumerAffairs a prepared statement, but that was similarly empty on answers. “Any consumer with questions about a Samsung product should contact us directly at 1-800-SAMSUNG,” it says. "While every customer inquiry we get is different, we look into each inquiry we receive and work to resolve it on a case-by-case basis."

Two AT&T employees, one Samsung call center worker, and two Samsung spokespeople later, and there are still no definitive answers about how Samsung will handle complaints from customers encountering water-damage issues with S8 Galaxy phones. The best advice we can provide is to not let your phone get wet, no matter what the advertising says. 

Apple released a new macOS operating system Monday, but already security experts are saying it is vulnerable to a zero-day exploit that puts users’ passwords at risk.

Patrick Wardle, a white-hat hacker who formerly worked for the National Security Agency, posted a video of how the exploit can steal plaintext passwords that are stored in Mac keychain – an app that stores passwords on Mac operating systems. In a statement to Ars Technica, he explains that Apple’s security measures have long fallen short of the mark.

“As a passionate Mac user, I’m continually disappointed in the security on macOS,” said Wardle. “I don’t mean that to be taken personally by anybody at Apple – but every time I look at macOS the wrong way, something falls over. I felt that users should be aware of the risks that are out there.”

Hacking users’ passwords

In his demonstration, Wardle shows how using a “keychainStealer” app can expose users’ passwords for several different accounts, including Facebook, Twitter, and even Bank of America.

In a statement, Apple said that macOS is “designed to be secure by default, and Gatekeeper warns users against installing unsigned apps, like the one shown in [Wardle’s video], and prevents them from launching the app without explicit approval [from the user].”

It’s true that Gatekeeper keeps Mac users from installing apps that aren’t digitally signed, such as the one that Wardle used in his video. However, it should be noted that a hacker can easily digitally sign an app by applying for membership in the Apple Developer Program, which costs $99 per year. With those credentials, hackers could then use an app similar to Wardle’s to execute the same actions.

Additionally, Wardle says that he reported the vulnerability to Apple back in August so that the company could fix it before rolling High Sierra out to the public. Unfortunately, it seems that Apple decided to release the new OS without fixing the issue first.

Wardle points out that the vulnerability may not be exclusive to High Sierra, and that earlier versions of macOS could be similarly affected.

Equifax CEO Richard Smith has retired effective immediately, the company announced today. He'll be replaced by interim CEO Paulino do Rego Barros, Jr. while board member Mark Feidler will serve as Non-Executive Chairman.

The move follows the September 7 revelation that the credit bureau had suffered a massive data breach earlier this year, in which 143 million consumers' credit files were compromised.

The files contained full names, addresses, Social Security numbers, and other information that would make it easy to steal identities.

"The Board remains deeply concerned about, and totally focused on the cybersecurity incident," Feidler said in a statement. "We are working intensely to support consumers and make the necessary changes to minimize the risk that something like this happens again."

Feidler said the Equifax board has formed a special committee to investigate issues arising from the incident and to ensure all appropriate actions are taken. The company is providing free credit monitoring for a year to all those consumers who may have been affected, though some consumers reported difficulty enrolling, due to the huge volume of those affected.

In a statement, Smith said he was dedicated to rectifying the issues surrounding the data breach, but he concluded that the company needed new leadership at this point.

Toyota Motor Engineering & Manufacturing is recalling 21 model year 2008-2016 Toyota Land Cruisers, model year 2006 Lexus LX470s, and model year 2008-2013 Lexus LX570s.

The vehicles may be equipped with an incorrect driver or front passenger air bag. As such, they vehicles fail to comply with the requirements of Federal Motor Vehicle Safety Standard (FMVSS) number 208, "Occupant Crash Protection."

An incorrect driver or front passenger air bag may not deploy as intended in the event of a crash, increasing the risk of injury.

What to do

Toyota will notify owners, and dealers will replace the affected air bag assemblies, free of charge. The recall was scheduled to begin September 25, 2017.

Owners may contact Toyota customer service at 1-800-331-4331. Toyota's number for this recall is H0S. Lexus' number for this recall is HLD.

Last week, analysts at investment bank Leerink Partners reported that Amazon had contacted middle-market pharmacy benefit managers (PBMs), in what they say may be a step towards entering the pharmaceuticals market.

In basic terms, PBMs are companies that act as middlemen to connect companies who sell drugs with the insurer or agency that pays for consumers’ drugs. They also dictate which drugs consumers can and cannot have access to through their management of formularies.

Some experts have theorized that these preliminary discussions may be paving the way for Amazon to establish a mail-order pharmacy, which would target uninsured consumers, those with high deductibles, and those who pay cash for their prescription medications. However, the company has not yet divulged any plans and likely won’t for some time.

“Our specialists indicated that Amazon may be speaking with mid-sized PBMs now in an effort to get into the pharmacy services space,” the Leerink report stated, according to Business Insider. “It may take ~24 months to get licensed in 50 states, but our specialists believe that this is the direction Amazon is moving in.”

When asked about these possible developments by ConsumerAffairs, Amazon said that it does not comment on rumors and speculation.

Lower costs and added convenience

Since the report was published, experts have speculated over what Amazon’s entrance into the pharmaceutical business would mean for distributors and consumers alike.

The Leerink report suggests that distributors of medical products for home delivery would feel the most pressure, since Amazon could potentially become a powerful competitor in this market due to its own distribution business. However, it’s likely that Amazon would need to partner with (or create its own) PBM to handle medical billing and navigate the healthcare market.

Peter Marcia, CEO of voluntary benefits outsourcing (VBO) firm YouDecide, tells ConsumerAffairs that the consumer impact may be more modest, but that any move in this direction by Amazon  “could provide cost reduction and added convenience.”

“There are dozens of companies that are targeting the market with lower pharmacy prices and more than ever, consumers are using apps like Truveris to find drugs at the cheapest prices,” he said. “That being said, Amazon certainly has the tools to take this market to the next level.”

Target announced Monday that it will be raising its hourly minimum wage to $11 starting in October, with plans to raise it to $15 by the end of 2020.

The company said that the new rate will apply to all 323,000 current staff members, as well as the 100,000 temporary workers it plans to hire over the holiday season.

Experts believe the decision is intended to keep Target ahead of Wal-Mart and other competitors, as each vies for potential employee talent. CEO Brian Cornell gave credence to this in his statement.

“We’re investing to make sure that we recruit and retain the existing team, that we attract new team members and, importantly, that we provide an exceptional service environment,” he told reporters. “We thought the timing was right as we move into the holiday season.”

A silent wage war

The announcement marks a departure from Target’s past strategy of keeping wage announcements discreet. In April 2015, the company quietly increased its minimum hourly wage to $9 after Wal-Mart announced plans to raise its own minimum wage to $10 by 2016. Last May, Target raised the wage again to $10.

With the latest increase to $11 per hour, Target’s minimum wage will outstrip Wal-Mart’s hourly minimum wage and set it above minimum requirements in 48 states, according to the Wall Street Journal. However, the company’s promise to raise its minimum hourly wage to $15 by 2020 complies with new legislation in both New York and California, where the minimum wage will increase to $15 per hour in the coming years.

Of course, one of the problems companies must consider when raising their minimum wage is how much the decision will affect their profits. Executives at Wal-mart have stated that past wage increases cost the company as much as $2.7 billion, a figure that weighed heavily on the company’s stock.

While Cornell did not disclose how much the wage increase would cost Target, the company said that the decision shouldn’t affect its projections for fiscal year per-share profit, since the wage increase had already been factored in when the company announced those numbers in August.

In an effort to reduce the rising tide of opioid-related deaths and addictions, pharmacy chain CVS has announced policy changes that will limit the supply of drugs consumers can access, expand its drug disposal program, and increase funding for drug abuse and support services.

Starting in February 2018, all commercial, health plan, employer, and Medicaid clients who are new to therapy will be limited to a seven-day supply for acute prescriptions, unless they choose to opt out. Daily dosages will also be limited based on their strength, and immediate-release formulations will be required before extended-release opioids can be dispensed.

CVS will also work with its pharmacists to more closely examine opioid prescriptions and contact physicians if the amount of medication seems excessive. Pharmacists and CVS employees will also provide community education and counseling services on subjects like prescription drug abuse, addiction, and how to dispose of unused medication.

“As America’s front door to health care, with a presence in nearly 10,000 communities across the country, we see firsthand the impact of the alarming and rapidly growing epidemic of opioid addiction and misuse,” said CVS Health President and CEO Larry J. Merlo.

“Today we are announcing an expansion of our enterprise initiatives to fight the opioid abuse epidemic that leverages CVS Pharmacy’s national presence with the capabilities of CVS Caremark, which manages medications for nearly 90 million plan members.”

Expanding disposal program and community services

On top of limiting access to opioids, CVS announced that it will be expanding its Medication Disposal for Safer Communities Program to include 1,550 kiosks and 750 additional disposal units across the country.

These locations – starting in states like Florida, Massachusetts, North Carolina, Pennsylvania, South Carolina, and Washington D.C. – will ensure that “people can safely dispose of unwanted medications” to curb cases of misuse and abuse, according to Richard Baum, acting director of the National Drug Control Policy.

As the last part of its initiatives, the CVS Health Foundation has agreed to invest an additional $2 million in federally-qualified community health centers that deliver medication-assisted treatment, addiction recovery, and prevention services.

Part of a larger effort

Merlo said that CVS’ newest initiatives are part of a larger effort by all healthcare stakeholders to address the opioid crisis in the U.S.

“Without a doubt, addressing our nation’s opioid crisis calls for a multi-pronged effort involving many health care stakeholders; from doctors, dentists and pharmaceutical companies to pharmacies and government officials,” he said.

“With this expansion of our industry-leading initiatives, we are further strengthening our commitment to help providers and patients balance the need for these powerful medications with the risk of abuse and misuse.”

Gasoline prices are drifting lower from their post-Hurricane Harvey spike, but remain significantly higher than this time last year.

The AAA Fuel Gauge Survey shows the national average price of regular gasoline is around $2.57 a gallon, down five cents from a week ago but 37 cents higher than fall 2016.

Prices rose quickly after Hurricane Harvey hit the Texas Gulf Coast last month, forcing many refineries to curtail production. That created supply shortages, raising the price of gasoline nationwide. After topping out close to $2.70 a gallon, gasoline prices have been going down over the last two weeks.

"That downward momentum is starting to pick up steam," Gasbuddy senior analyst Patrick DeHaan told ConsumerAffairs. "Gasoline inventories are continuing to recover after hurricanes Harvey and Irma, and that's helping to put downward pressure on gas prices."

Big drop in prices in Delaware

Consumers in some states are seeing gas prices fall faster than the nation as a whole. DeHaan says prices seem to be falling faster in the Midwest and in the East; Delaware leads all states with a decline of around 10 cents a gallon in the last week.

Prices remain higher than normal in the Southeast, which normally enjoys some of the lowest fuel prices in the nation.

"We're still seeing some supply problems as a result of that temporary partial shutdown of the Colonial Pipeline after Hurricane Harvey," DeHaan said. "We're still getting back on our feet in the Southeast."

Both Florida and Georgia have statewide gas price averages of $2.66 a gallon, the highest in the region. But inventory issues are still affecting prices in the Carolinas, Tennessee, and Virginia.

South Carolina, normally the state with the cheapest fuel, has a current statewide average gasoline price of $2.46 a gallon. A month ago (before Hurricane Harvey), it was $2.07. Tennessee's average price of $2.50 a gallon is still 37 cents higher than a month ago.

Most expensive gas is in the West

In the West, California has the most expensive gasoline. The statewide average for regular is $3.12 a gallon -- but it's 13 cents higher at San Francisco area gas stations.

Hawaii and Washington are seeing slightly lower gas prices this week and are the only states besides California where the average price has eclipsed the $3 per gallon mark.

Autumn is normally a time when gasoline prices fall a bit faster, since oil refineries have switched to producing cheaper winter-grade gasoline.

The EPA requires stations to sell summer blends between June 1 and September 15, but it has allowed earlier sale of winter grades because of the hurricanes. That may have helped bring down prices a bit, but DeHaan says there are other economic forces at work that may limit the benefit to consumers.

"Oil prices are now $51 a barrel, so gasoline prices may not get as low as they were before the hurricanes, when oil was selling for around $47," he said.

The 2017 U.S. Online Grocery Shopper Study gives the highest scores to Amazon and Walmart, concluding shoppers feel these two retailers do the most to earn customer satisfaction.

Commissioned by The Retail Feedback Group (RFG), the study also suggests an increasing number of consumers are embracing online grocery shopping. About half the consumers who engage in online shopping said they plan to continue to buy groceries online in the coming year.

Those who are already making food purchases online rate Amazon highest in customer satisfaction, giving the online retailer a score of 4.63 out of five. Walmart was not far behind at 4.41.

Amazon edged out Walmart in several categories, rating higher for the online checkout process, the overall ordering experience, the availability of food items, and the delivery system.

Walmart outstripped traditional supermarkets in the areas of the online ordering process, easy-to-find discounted items, good value, and convenient delivery/pickup..

Traditional stores playing catch-up

Traditional supermarkets have online ordering capabilities, but shoppers rated these stores lower than either Amazon or Walmart nearly across the board. Supermarkets only achieved parity in the category of delivery, with consumers rating that experience on par with the two online leaders.

"Clearly Amazon has effectively leveraged its deep roots in online retailing to inform their efforts in online grocery, leading to the strongest 'highly satisfied' marks found in our research," said Brian Numainville, a principal at RFG.

Numainville says that even though Walmart scored lower than Amazon on overall satisfaction and key performance metrics, it was well ahead of traditional supermarkets.

"It appears supermarkets and food stores have work to do to improve their scores in online grocery shopping relative to these retailers," Numainville said.

Convenience

The study also explored why some consumers prefer shopping online for groceries while others would rather go to the store to purchase items. The appeal of online shopping revolves around convenience–consumers on busy schedules said it saves them time.

Those who prefer to shop in store expressed a desire to actually see and hold items they’re shopping for. That is especially true for produce, which can vary in terms of quality and freshness.

RFG principal Doug Madenberg says the current study shows that, overall, more consumers still prefer the in-store shopping experience to ordering groceries online. But he says continued improvements in the online experience–especially regarding the product selection process–could shift that balance in the future.

Earlier this year, the Food Marketing Institute (FMI) predicted a growth in online food sales such that it will account for 20 percent of the market by 2025, with consumers spending as much as $100 billion on online food orders.

Numainville points to Amazon's recent purchase of Whole Foods as a potential game-changer in making online grocery shopping more common, potentially allowing the online retailer to improve delivery foods’ freshness -- especially produce.

As 143 million compromised Equifax customers either scramble to freeze their credit, seek security services, or wait to see happens next, some are electing to take legal action.

Attorneys throughout the U.S. have filed more than a dozen class action lawsuits against the credit bureau.

Oakland, California-based Scott Cole & Associates filed a class action claiming "negligence, violations of fair credit reporting and deceptive business practices."

The Doss Firm LLC has filed a class action suit on behalf of the estimated 28 million small business owners who may have been affected by the data breach. Attorney Jason Doss said small business operators are particularly vulnerable since they rely on personal and business credit to operate.

What is a class action?

Unlike an individual lawsuit, a class action is filed on behalf of a "class" of plaintiffs who all have the same or similar grievances. In a case affecting as many people as the Equifax breach, it is very likely that many of the suits will be combined into a smaller number of cases.

Unlike an individual lawsuit, a plaintiff does not have to hire an attorney or incur any legal costs. And unlike an individual lawsuit, members of the "class" don't have to take much action at all.

If you are among the 143 million consumers whose data may have been exposed, you are already a member of the "class."

"At some point, [Equifax customers] will get a notice asking whether we want to opt out of the class action," said Vanderbilt University law professor Brian Fitzpatrick. "As a general matter, I recommend that people do not opt out. It will be very hard to sue Equifax on your own. The nice thing about a class action is someone does all the work for us."

Consumers are free to sue on their own

Because there are millions of potential plaintiffs, any class action settlement may result in a rather small individual judgment. If you think you have a major case against Equifax, you are free to sue the company individually. In that case, Fitzpatrick says you might consider opting out of the class action.

"If you do not opt out of the class action when you have the chance and the class action is unsuccessful, then you lose your right to sue Equifax on your own," he said.

Most people, he says, will be better off remaining in the class, having a good chance to share in a settlement without having to hire a lawyer.

Fitzpatrick suggests consumers document how much time and money they have spent placing freezes and fraud alerts, or otherwise dealing with the data breach. He says they may be able to use that information to increase their recovery sum in any settlement.