Print Page  |  Close Window

SEC Filings

10-Q
CHIPOTLE MEXICAN GRILL INC filed this Form 10-Q on 07/26/2017
Entire Document
 << Previous Page | Next Page >>

The following stock awards were excluded from the calculation of diluted earnings (loss) per share:





 

 

 

 

 

 

 

 

 

 

 



 

 

 

 

 

 

 

 

 

 

 



Three months ended June 30,

 

Six months ended June 30,



2017

 

2016

 

2017

 

2016

Stock awards subject to performance conditions

 

247 

 

 

290 

 

 

244 

 

 

301 

Stock awards that were antidilutive

 

1,506 

 

 

1,375 

 

 

1,482 

 

 

1,438 

Total stock awards excluded from diluted earnings (loss) per share

 

1,753 

 

 

1,665 

 

 

1,726 

 

 

1,739 



The following table sets forth the computations of basic and diluted earnings (loss) per share:







 

 

 

 

 

 

 

 

 

 

 



 

 

 

 

 

 

 

 

 

 

 



Three months ended June 30,

 

Six months ended June 30,



2017

 

2016

 

2017

 

2016

Net income (loss)

$

66,730 

 

$

25,596 

 

$

112,850 

 

$

(836)

Shares:

 

 

 

 

 

 

 

 

 

 

 

Weighted average number of common shares outstanding

 

28,649 

 

 

29,207 

 

 

28,699 

 

 

29,550 

Dilutive stock awards

 

151 

 

 

133 

 

 

126 

 

 

 -

Diluted weighted average number of common shares outstanding

 

28,800 

 

 

29,340 

 

 

28,825 

 

 

29,550 

Basic earnings (loss) per share

$

2.33 

 

$

0.88 

 

$

3.93 

 

$

(0.03)

Diluted earnings (loss) per share

$

2.32 

 

$

0.87 

 

$

3.92 

 

$

(0.03)





7. Commitments and Contingencies

Data Security Incident 

In April 2017, our information security team detected unauthorized activity on the network that supports payment processing for our restaurants, and immediately began an investigation with the help of leading computer security firms. We also self-reported the issue to payment card processors and law enforcement.  Our investigation detected malware designed to access payment card data from cards used at point-of-sale devices at most Chipotle restaurants, primarily in the period from March 24, 2017 through April 18, 2017.  The malware searched for track data, which may include cardholder name, card number, expiration date, and internal verification codes; however, no other customer information was affected. We have removed the malware from our systems and continue to evaluate ways to enhance our security measures.  We expect that substantially all of our investigation costs will be covered by insurance.  It is not possible at this time to reasonably estimate the amount of any payment card network assessments or regulatory fines or penalties, for which our insurance coverage is limited, or other liabilities in connection with the incident.     

Litigation Arising from Security Incident 

On May 4, 2017, Bellwether Community Credit Union filed a purported class action complaint in the United States District Court for the District of Colorado alleging that we negligently failed to provide adequate security to protect the payment card information of customers of the plaintiffs and those of other similarly situated credit unions, banks and other financial institutions alleged to be part of the putative class, causing those institutions to suffer financial losses.  The complaint also claims we were negligent per se based on alleged violations of Section 5 of the Federal Trade Commission Act and similar state laws.  The plaintiff seeks monetary damages, injunctive relief and attorneys’ fees.  On May 26, 2017, Alcoa Community Credit Union filed a purported class action complaint in the U. S. District Court for the District of Colorado making substantially the same allegations as the Bellwether complaint and seeking substantially the same relief.  Bellwether and Alcoa have jointly moved to consolidate their cases, and a ruling on the consolidation motion remains pending.

On June 9, 2017, Todd Gordon filed a purported class action complaint in the U. S. District Court for the District of Colorado alleging that we negligently failed to provide adequate security to protect the payment card information of the plaintiff and other similarly situated customers alleged to be part of the putative class, causing such customers to suffer financial losses.  The complaint also claims we were negligent per se based on alleged violations of Section 5 of the Federal Trade Commission Act and similar state laws, and also alleges breach of contract, unjust enrichment, and violations of the Arizona Consumer Fraud Act.  

We intend to vigorously defend each of the aforementioned cases, but it is not possible at this time to reasonably estimate the outcome of or any potential liability from these cases.  Although certain fees and costs associated with the data security incident and the aforementioned litigation to date have been paid or reimbursed by our cyber liability insurer, the ultimate amount of liabilities arising from the litigation may be in excess of the limits of our applicable insurance coverage.

7

 


 

 << Previous Page | Next Page >>