Table of Contents
ST. PAUL, Minn. — A federal judge said banks suing Target Corp. over its data breach have a plausible case for negligence and can proceed with their lawsuit.
A federal judge said banks suing Target Corp. over its data breach have a plausible case for negligence and can proceed with their lawsuit.
 |
The banks claim they collectively sustained losses of tens of millions of dollars because Target failed to shield its computer network from cyberthieves.
The company last month asked U.S. District Judge Paul Magnuson to reject the claims brought in a lawsuit by five banks that banded together to sue on behalf of all U.S. financial institutions whose customers made Target purchases last year between November 1 and December 19. Magnuson ruled that the plaintiffs presented a plausible case for three of their four counts against Target: negligence, failure in providing sufficient security against data hackers and violation of Minnesota’s Plastic Security Card Act.
"Although third-party hackers’ activity caused harm, Target played a key role in allowing the harm to occur," Magnuson wrote.
Magnuson also remarked in his December 2 memo that "imposing a duty on Target in this case will aid Minnesota’s policy of punishing companies that do not secure consumers’ credit and debit card information."
The judge rejected Target’s argument that it had no obligation to the banks because a third-party firm handles all of the retailer’s credit and debit card payments.
The courts have consolidated all the federal breach related cases against Target into two lawsuits — one involving financial institutions and the other involving consumers.
A class action by consumers who had data stolen in the breach seeks a court order compelling Target to adopt best practices for data security and make restitution to those harmed in the attack.
Target has asked Magnuson to throw out those claims. The judge scheduled a hearing on that request for December 11.
