ST. PAUL (12/3/14, UPDATED 11:10 a.m. ET)--A U.S. District judge has denied a motion from Target to dismiss the lawsuit against the company as a result of last year's data breach.
U.S. District Court Judge Paul Magnuson said Tuesday that three of the four counts in the plaintiff's complaint against Target will stand.
"The Credit Union National Association is encouraged by the positive development in this case," said Eric Richard, CUNA's general counsel. "Although any recovery for credit unions from this litigation remains uncertain and potentially years away, we are glad the court understands the basic reality that merchants owe a duty of care to financial institutions. CUNA will continue to work with litigators across the country to pursue every legal avenue for credit unions as a result of the failure of merchants to safeguard the data of their customers."
The plaintiffs, which include a number of financial institutions and at least one credit union, have claimed Target:
According to Magnuson's ruling, "Plaintiffs have plausibly pled a claim for negligence, a violation of the PCSA, and negligence per se. Plaintiffs failed to plead reliance, however, and therefore their negligent misrepresentation claim must be dismissed without prejudice."
A CUNA survey identified that after the Target breach, credit unions reissued roughly 4.6 million credit and debit cards. Credit unions not only covered the cost of fraud, but also the costs of blocking transactions, reissuing cards, increasing staff at call centers and monitoring members' accounts. The per-card cost was approximately $5.68 for the Target breach.