ST. PAUL, Minn. (5/19/14)--Last week, U.S. District Judge Paul Magnuson set the stage for the next steps for the multitude of class action lawsuits filed against Target Corp. for its 2013 data security breach.
"I know Target would like to have big, long, indefinite stays," Magnuson said at Wednesday's case management meeting (
St. Paul Pioneer Press
May 15). "I don't think it's appropriate."
In April, the U.S. Judicial Panel on Multidistrict Litigation determined that the class action lawsuits would be consolidated in the District of Minnesota. Magnuson and U.S. Magistrate Judge Jeffrey Keyes first grouped the cases into three categories:
- Consumer lawsuits. With 111, this is the largest group and represents those whose information was compromised.
- Financial insitutions. Twenty-nine cases are from financial institutions that had to cover costs of reissuing cards and reimbursing consumers. Four credit unions are among the plaintiffs: Alabama State Employees CU, Montgomery, Ala., with $211 million in assets; First Choice FCU, New Castle, Pa., with $38 million in assets; Employees CU, Dallas, with $63 million in assets; and KC Police CU, Kansas City, Mo., with $107 million in assets.
- Shareholders. Four cases have been filed on behalf of shareholders.
The retail giant revealed Dec. 19 that about 40 million debit and credit card numbers were compromised as was the personal information of as many as 70 million customers. Much of the stolen information was sold online to other criminals.
"I'm beginning to learn this data breach business is quite a cottage industry," Magnuson said in the
A survey by the Credit Union National Association found that credit unions incurred $30.6 million in costs directly related to the breach--not including fraud costs. CUNA is pressing federal lawmakers to address data security relative to merchants, who are not held to the same standards of security as credit unions and other financial institutions.