About this Case
TMLG has filed a class action lawsuit on behalf of consumers against Target Corporation (“Target”) for failing to implement and maintain reasonable security procedures and practices, compromising the financial and personal information of its customers. Approximately 40 million credit and debit card users who purchased products from Target between November 27 and December 15, 2013 were affected by the data breach. News of the breach was first published by blogger Brian Krebs of Krebsonsecurity.com on or about December 18. 2013, before Target made any attempt to notify its affected customers. As widely reported by multiple news services on December 19, 2013, “investigators believe the data was obtained via software installed on machines that customers use to swipe magnetic strips on their cards when paying for merchandise at Target stores”. Such information allows thieves to manufacture counterfeit cards by encrypting victims’ data onto any card with magnetic strips. The thieves may also have accessed PIN numbers, granting them access to customers’ bank accounts. Plaintiffs allege, were it not for Target’s negligence, the breach would not have occurred.
After the news broke, Target published a statement on their corporate website, as opposed to their shopping site – the site regularly accessed by customers – confirming “that the information involved in this incident included customer name[s], credit or debit card number[s]… the card[s’] expiration date[s] and CVV[s] (the three-digit security code)”. In its statement, Target assured consumers that they “have identified and resolved the issue,” conveying a false sense of security.
The Federal Trade Commission (“FTC”) urges prompt action at the sign of potential identity theft. For more information on recognizing identity theft, please visit: http://www.consumer.ftc.gov/articles/0271-signs-identity-theft.
Similarly, you may find information on how to repair identity theft at: http://www.consumer.ftc.gov/articles/0274-immediate-steps-repair-identity-theft.
In 2015 this case settled for $10 million to be distributed to class members and representatives. Target also agreed to provide injunctive relief, including but not limited to implementing changes relating to its information security program, naming a high-level executive to coordinate the program, maintaining processes for managing information security risks, responding to events determined to present a threat to security, and establishing security training protocols to relevant Target employees.
The deadline for filing a timely claim has passed and all eligible claimants have been paid.
Case Contact Information
Phone: (866) 680-5931
Terrell Marshall Law Group PLLC
Heins Mills & Olson, P.L.C.
Ram, Olson, Cereghino & Koczynski
Nichols Kaster, PLLP
Morgan & Morgan Complex Litigation Group, PA
Girard Gibbs LLP
Stueve Siegel Hanson LLP