NP Privacy Partner
Children’s Privacy & COPPA
Advertising and Marketing
Mobile Technology & Websites
Corporate & Board Governance
Enforcement & Litigation
Health Care & HIPAA
ABOUT NIXON PEABODY
Preliminary approval granted in Target data breach settlement
Judge Paul A. Magnuson granted preliminary approval on Wednesday of a $39 million settlement between a class of financial institutions and Target Corporation. The class action lawsuit in the District of Minnesota stems from losses incurred as a result of a massive data breach in late 2013, where hackers gained access to Target’s network and extracted the financial information of approximately 40 million customers. This marked the first time a federal court ever certified a class in data breach litigation.
Per the terms of the settlement, Target will pay up to approximately $20 million directly to settlement class members. Class members will have the option to receive either at least $1.50 per compromised payment card in addition to any per-card amount that they will receive from another recovery program (such as Visa’s and MasterCard’s), or receive up to 60 percent of their total fraud, reissuance and other costs related to the breach, minus any amounts received through the network recovery programs. The remaining $19.1 million payment will go towards funding MasterCard’s Account Data Compromise program. Target will also pay the plaintiffs’ legal fees, pending court approval, and agreed not to appeal any legal fees sum of $20 million or less.
The settlement applies to all U.S. financial institutions that issued payment cards identified as having been “at risk” as a result of the breach, excluding those that previously released their claims against Target through a prior settlement with MasterCard and Visa. MasterCard and Visa previously reached settlements with Target, covering a portion of the losses incurred by credit card issuers, wherein payments were higher if the issuer declined to join the class action lawsuit. Notably, this class action lawsuit may set a precedent for U.S. retailers absorbing much of the costs incurred by financial firms associated with a data breach.
Class members have 90 days to submit a written request to opt-out, and a hearing on final approval is scheduled for May 10, 2016. The case is In re: Target Corporation Customer Data Security Breach Litigation, U.S. District Court, District of Minnesota, No. 14-md-02522.
Posted at 11:24 AM by Daly, Michelle | Category:
Privacy Litigation & Class Action
Email this Post
Check Effective Permissions
There are no comments yet for this post.
Check Effective Permissions
Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights.
More information on content approval.
indicates a required field
Statement of Client Rights
This website contains attorney advertising. Prior results do not guarantee a similar outcome. © 2018 Nixon Peabody LLP