We reported previously that Home Depot was one of many businesses in the U.S. to experience a significant retail data breach in 2014. The breach involved the instillation of memory scraping malware on self-checkout terminals, which allowed payment card information to be collected for months at stores in the U.S. and Canada. This malware allowed the attackers to compromise the payment cards of more than 56 million customers.
Currently, Home Depot is involved in a major ongoing lawsuit with financial institutions related to the 2014 data breach. After the Judge refused to throw out the banks’ claims last month, Home Depot asked the District Court to certify several questions of law to the Eleventh Circuit Court of Appeals.
The case is in the Northern District of Georgia and has the potential to influence whether banks can continue to bring claims against major retailers after their customer’s data is hacked.
One of the most important questions put forward by Home Depot is whether the financial institutions have satisfied the requirements of Article III standing related to specific pleading obligations and the degree of harm that must be alleged in order to withstand a motion to dismiss. Given that consumers affected by a data breach have difficulty establishing standing in lawsuits, banks often satisfy the legal hurdle by pointing to the costs associated with the steps they take to protect their cardholders.
In order to satisfy the Article III standing, banks can generally demonstrate financial loss related to a data breach by evidencing costs related to replace customer cards, place a freeze on credit reports, and implement fraud monitoring services.
However, Home Depot is arguing in this case that the banks have failed to adequately specify their damages in the complaint and instead only plead general injuries that relate to the group. The retailer also contends that some of the actions taken by banks as a result of the data breach were merely proactive measures taken in an attempt to prevent future harm and are not enough to confer standing. Due to the fact that the landscape in data breach cases is still developing, courts are still deciding what specific pleading requirements to impose on the banks.
Home Depot has asked the District Court for permission to immediately take its issues to the Eleventh Circuit Court of Appeals, but it isn’t a sure bet as to whether they will succeed in their request. Thus far, the District Court has not issued a final order in the case; therefore, Home Depot has to get approval from both the District Court and Eleventh Circuit Court of Appeals before its issues will be heard. If you need more information on any part of the Home Depot litigation, contact Jake Jeter, a lawyer in our firm’s Consumer Fraud and Commercial Litigation Section, at 800-898-2034 or by email at Jake.Jeter@beasleyallen.com.
Contact us today for a free legal consultation with an experienced attorney.
Fields marked *may be required for submission.
If you would like to subscribe to the Jere Beasley Report digital edition, simply visit our Subscriptions page and provide the necessary information or call us at 800-898-2034.
Attorney Advertising - Prior results do not guarantee a similar outcome.