About this Case

TMLG has filed a class action lawsuit on behalf of consumers against Target Corporation (“Target”) for failing to implement and maintain reasonable security procedures and practices, compromising the financial and personal information of its customers. Approximately 40 million credit and debit card users who purchased products from Target between November 27 and December 15, 2013 were affected by the data breach. News of the breach was first published by blogger Brian Krebs of Krebsonsecurity.com on or about December 18. 2013, before Target made any attempt to notify its affected customers. As widely reported by multiple news services on December 19, 2013, “investigators believe the data was obtained via software installed on machines that customers use to swipe magnetic strips on their cards when paying for merchandise at Target stores”. Such information allows thieves to manufacture counterfeit cards by encrypting victims’ data onto any card with magnetic strips. The thieves may also have accessed PIN numbers, granting them access to customers’ bank accounts. Plaintiffs allege, were it not for Target’s negligence, the breach would not have occurred.

After the news broke, Target published a statement on their corporate website, as opposed to their shopping site – the site regularly accessed by customers – confirming “that the information involved in this incident included customer name[s], credit or debit card number[s]… the card[s’] expiration date[s] and CVV[s] (the three-digit security code)”. In its statement, Target assured consumers that they “have identified and resolved the issue,” conveying a false sense of security.

The Federal Trade Commission (“FTC”) urges prompt action at the sign of potential identity theft. For more information on recognizing identity theft, please visit: http://www.consumer.ftc.gov/articles/0271-signs-identity-theft.

Similarly, you may find information on how to repair identity theft at: http://www.consumer.ftc.gov/articles/0274-immediate-steps-repair-identity-theft.

Case Status

On March 19, 2015, the Honorable Paul A. Magnuson granted preliminary approval of a class settlement, awarding a monetary fund of $10 million to be distributed to class members and representatives. Target has also agreed to provide injunctive relief, including but not limited to implementing changes relating to its information security program, naming a high-level executive to coordinate the program, maintaining processes for managing information security risks, responding to events determined to present a threat to security, and establishing security training protocols to relevant Target employees. In addition to the monetary fund, Target will pay attorney’s fees, costs, and expenses, and the costs of notifying the class and administering the settlement.

The settlement administrator has established a website that informs class members of the terms of the settlement, their rights, dates and deadlines, and other related information, here: http://targetbreachsettlement.com.

The website will be available for claim submission starting at the end of April 2015. The deadline to file a claim, opt out of, or object to the settlement is July 31, 2015.

The final settlement approval hearing is scheduled to occur on November 10, 2015.

Case Documents

Class Action Complaint

Order Certifying Settlement Class, Preliminarily Approved

Notice

Settlement Agreement

Case Contact Information

Phone: (866) 680-5931

Website: https://targetbreachsettlement.com/

Class Counsel