enlarge The Associated Press

Shoppers make their way across the parking lot Wednesday at the Hannaford Bros. store in Yarmouth. Three civil suits filed against Hannaford seek unspecified financial damages.

A Bangor lawyer and one of the nation's top law firms for class-action cases are lining up to take on Hannaford, the Scarborough-based grocer whose computers were hacked over the past four months, exposing millions of credit card and debit card numbers to fraud.

Samuel Lanham filed the first civil complaint this week against Hannaford in federal court, on behalf of Melinda Ryan, a shopper from Bangor. Lanham said he filed another complaint on Thursday for a shopper in Florida.

Those and other complaints – expected in several states – could eventually become a single class-action suit against Hannaford. The suit would seek damages for customers, including those who were defrauded and those who simply had their information revealed, Lanham said.

"When you and I swipe our cards through those little boxes, we are turning over our numbers – that is sensitive personal financial information," said Lanham, of the Bangor firm Lanham & Blackwell. "We are turning that over to someone who has the obligation to make sure that it's safe."

Lanham is working with a Florida firm, Harke & Clasby, which has been involved in several national class-action cases.

A third complaint was filed Wednesday in federal court in Portland on behalf of a shopper from Massachusetts. Greg Doherty is represented by the Portland-based law firm Curtis, Thaxter, Stevens, Broder & Micoleau, as well as Philadelphia- based Berger & Montague.

The complaints filed on behalf of Ryan and Doherty make the same argument: that Hannaford failed to safeguard financial information, and also harmed customers by not notifying them in a timely fashion. Hannaford became aware of the breach on Feb. 27, eliminated the problem on March 10 and went public on Monday.

Hannaford announced that 4.2 million credit card and debit card numbers were exposed, beginning Dec. 7, and at least 1,800 shoppers were subjected to fraud. The breach included 165 Hannaford stores in New England and New York and 106 Sweetbay stores in Florida.

Berger & Montague has a national reputation for winning multimillion-dollar awards through class-action lawsuits. It is one of the lead firms in a suit brought last year against TJX Companies Inc., which operates TJ Maxx, Marshalls and other retail stores.

Hackers accessed at least 45 million credit or debit cards and about 450,000 driver's licenses, military or state identification data stored on TJX computers. That breach is considered the largest computer theft of personal data in U.S. history. A proposed settlement in that case would provide reimbursement for identity theft claims, vouchers of $30 to customers and a range of other remedies.

The civil complaints against Hannaford seek unspecified financial damages. They also seek to have the company pay for credit card monitoring services for customers and upgrade its computer security tools.

Michael Norton, a spokesman for Hannaford, said the company will not comment about ongoing litigation.

Lanham said he is in contact with Hannaford shoppers in other states, and will file more complaints. Other law firms will likely do the same, Lanham said. It will be up to a federal judge to certify a class-action lawsuit and consolidate the complaints into a single proceeding.

The Associated Press contributed to this report.

Staff Writer Trevor Maxwell can be contacted at 791-6451 or at:

tmaxwell@pressherald.com