District Judge Paul Magnuson, presiding over the Target data breach MDL, rejected Target’s attempt to have the class action filed by banks and credit unions dismissed earlier this month. A class of financial institutions have sued Target for reimbursement of the money they spent handling fraudulent charges and issuing new cards to their customers as a result of the data breach. These financial institutions are seeking millions of dollars in damages and are alleging negligence and violations of Minnesota’s consumer protection laws.
Judge Magnuson determined that Target had a “key role” in the data breach by its actions in disabling certain security features and its inaction in failing to be mindful of the warning signs available to it at the beginning of the attack. As a result, Judge Magnuson concluded that Target caused foreseeable harm to the Plaintiff financial institutions and that its actions worsened the harm. Judge Magnuson wrote:
Plaintiffs have plausibly alleged that Target’s actions and inactions – disabling certain security features and failing to heed the warning signs as the hackers’ attack began – caused foreseeable harm to plaintiffs. Plaintiffs have also plausibly alleged that Target’s conduct both caused and exacerbated the harm they suffered.
Target has admitted that at least 40 million credit cards were compromised and more than 100 million more people may have had their personal information stolen. This decision has clarified the legal relationship between merchants and financial institutions by Judge Magnuson’s decision that Target owed these institutions a duty to protect consumer information from hackers. This important decision could have positive consequences for other companies facing data breach cases, including Home Depot, Neiman Marcus, K-Mart, Dairy Queen, P.F. Chang’s, and other retailers.
The financial institutions have received a major hit from multiple data breaches since last holiday season, as they have worked to protect their customers and replace their compromised accounts. Judge Magnuson grounded his finding of Target’s duty in furtherance of Minnesota’s policy of protecting consumers’ credit and debit card information. The Plaintiffs include numerous banking institutions that are seeking class-action status on behalf of the banks and credit unions with customers who used their bank cards at Target between Nov. 1 and Dec. 19, 2013.
The Plaintiffs include Umpqua Holdings Corp’s Umpqua Bank in Roseburg, Oregon; Mutual Bank in Whitman, Massachusetts; Village Bank in St. Francis, Minnesota; CSE Federal Credit Union in Lake Charles, Louisiana; and First Federal Savings of Lorain in Lorain, Ohio. They are seeking class-action status on behalf of banks and credit unions with customers who used credit and debit cards at Target between Nov. 1 and Dec. 19, 2013. Consumers are also pursuing related class-action litigation over the breach, and Target has asked Judge Magnuson to dismiss that case. The case is the U.S. District Court, District of Minnesota. If you need more information on the Target litigation, contacted Dee Miles or Andrew Brashier at 800-898-2034 or by email at Dee.Miles@beasleyallen.com or Andrew.Brashier@beasleyallen.com.
Sources: Insurance Journal; Law 360 and Bloomberg
Contact us today for a free legal consultation with an experienced attorney.
Fields marked *may be required for submission.
If you would like to subscribe to the Jere Beasley Report digital edition, simply visit our Subscriptions page and provide the necessary information or call us at 800-898-2034.
Attorney Advertising - Prior results do not guarantee a similar outcome.