MINNEAPOLIS (9/16/15)--The U.S. District Court, District of Minnesota has granted class-action status in the lawsuit against Target related to its massive data breach during the winter holiday shopping season in 2013.
“Credit unions incurred at least $30 million in card reissuance costs related to the Target breach and I’m encouraged the court awarded class action status. I’m hopeful this will result in financial recovery for the credit unions and their members who were affected.
“While this is a step in the right direction, we need Congress to enact meaningful data security legislation to stop future data breaches. Credit unions and banks are subject to robust data protection and notification standards; the absence of federal data security standards for the merchants that accept payment cards is the weak link in the system. To properly protect the data of all Americans, we must equally share responsibility.”
The court's decision certifies as eligible class members, all entities in the United States and its territories who issued payment cards compromised in the breach that was publicly disclosed by Target on Dec. 19, 2013
Now that the court has certified the financial institution class, financial institutions will be allowed to seek damages together, rather than individually. As reported earlier, it allows the financial institutions to coordinate use of attorneys, collection of evidence, requests of witnesses and most other aspects of the litigation.
The 2013 Target breach was huge, reportedly comprising 40 million debit and credit card numbers, as well as the personal data of as many as 70 million consumers. Credit unions alone, based on CUNA's research, incurred $30.6 million in costs related to the breach, not including any fraud costs.