Go to:

June 2018
< May Jul >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Judge Denies Target's Motion to Dismiss Data Breach Lawsuit
Thursday, December 4, 2014 6:50 AM

A U.S. district judge has denied a motion from Target to dismiss the lawsuit against the company as a result of last year's data breach. U.S. District Court Judge Paul Magnuson said Tuesday that three of the four counts in the plaintiff's complaint against Target will stand.

The plaintiffs, which include a number of financial institutions and at least one credit union, have claimed that Target:

  • Was negligent in failing to provide sufficient security to prevent the hackers from accessing customer data;
  • Violated Minnesota's Plastic Card Security Act (PCSA), which states that "Whenever there is a breach of the security of the system of a person or entity that has violated this section ... that person or entity shall reimburse the financial institution that issued any [credit or debit cards] affected by the breach for the costs of reasonable actions undertaken by the financial institution as a result of the breach;
  • Was negligent by violating the PCSA; and
  • Failed to inform plaintiffs of its insufficient security, which constitutes a negligent misrepresentation by omission.

According to Magnuson's ruling, "Plaintiffs have plausibly pled a claim for negligence, a violation of the PCSA, and negligence per se. Plaintiffs failed to plead reliance, however, and therefore their negligent misrepresentation claim must be dismissed without prejudice."

A CUNA survey identified that after the Target breach, credit unions reissued roughly 4.6 million credit and debit cards. Credit unions not only covered the cost of fraud, but also the costs of blocking transactions, reissuing cards, increasing staff at call centers and monitoring members' accounts. The cost per card was approximately $5.68 for the Target breach.

"The Credit Union National Association is encouraged by the positive development in this case," said Eric Richard, CUNA's general counsel. "Although any recovery for credit unions from this litigation remains uncertain and potentially years away, we are glad the court understands the basic reality that merchants owe a duty of care to financial institutions. CUNA will continue to work with litigators across the country to pursue every legal avenue for credit unions as a result of the failure of merchants to safeguard the data of their customers."