Judge Certifies Class Action Over Target Data Breach
By Joseph Ax
NEW YORK -- A U.S. judge Tuesday certified a class action against Target (TGT) brought by several banks over the retailer's massive data breach in 2013.
U.S. District Judge Paul Magnuson in St. Paul, Minnesota, said the banks could pursue their claims together over the breach, which compromised at least 40 million credit cards during the holiday season.
%VIRTUAL-pullquote-This important ruling brings financial institutions one step closer to collectively holding Target accountable for its unprecedented data breach.%In a statement, Charles Zimmerman, one of the lead lawyers representing the banks, said, "This important ruling brings financial institutions one step closer to collectively holding Target accountable for its unprecedented data breach."
Target spokeswoman Molly Snyder said the company was "disappointed" and would evaluate its next steps after reviewing the decision.
The ruling, which makes a settlement with the banks more likely, comes four weeks after Target agreed to pay as much as $67 million to financial institutions that issue Visa (V) cards, in a deal struck directly with the credit card network.
Earlier this year, a proposed $19 million settlement with MasterCard (MA) fell through when not enough banks accepted the agreement.
It isn't clear how many Visa card issuers accepted the terms of that deal by the deadline of Sept. 4.
Snyder declined to comment on the number of institutions that have agreed to participate in the Visa deal but emphasized that the class action includes only those card issuers that haven't settled their claims.
Attorney Zimmerman has said the Visa deal, like the failed MasterCard settlement, doesn't fully reimburse banks for their losses and was negotiated without input from the plaintiffs.
Carrie Hunt, the general counsel for the National Association of Federal Credit Unions, praised the judge's decision and said it "constitutes one important avenue for recovery" for credit unions affected by the breach.
The Target breach was one in a series of high-profile data security failures to hit major retailers, including Home Depot (HD) and Staples (SPLS).
-Nandita Bose contributed reporting from Chicago.