Target To Face Class-Action Lawsuit From Banks Over Data Breach

A month after Target agreed to pay financial institutions that issue Visa-branded credit cards $67 million related to its massive 2013 data breach, a federal judge gave the go-ahead for other banks to pursue a class-action lawsuit against the retailer.

Reuters reports that a federal judge in St. Paul, MN, on Tuesday granted class-action status to the financial institutions suing Target for damages stemming from the data breach that affected more than 100 million customers.

By certifying the class-action status of the case, the judge gives the plaintiffs more leverage in negotiations with the retailer and make hefty settlement more likely.

An attorney representing the banks tells Reuters that the ruling “brings financial institutions one step closer to collectively holding Target accountable for its unprecedented data breach.”

He said that lawyers would work to provide notice to all financial insinuations covered by the class, and that they “look forward to obtaining proper compensation.”

A spokesperson for Target says the company was “disappointed” and would evaluate its next steps.

The judge’s ruling comes just a month after Target reached a deal with Visa to give about $67 million back to consumers affected by the breach.

While the figure was attributed to “people familiar with the situation,” the company confirmed the payment amount in a recent SEC filing.

“In August 2015, we entered into a settlement agreement with Visa under which we will pay up to $67 million to eligible Visa card issuers worldwide that issued cards that Visa claimed to have been affected by the data breach,” the filing reveals.

In the wake of the massive hack, which went on for weeks before being detected in late 2013, card issuers say they spent hundreds of millions of dollars issuing replacement cards and dealing with fraudulent charges tied to the breach.

Target said at the time it will continue to dispute claims filed by the three other major payment networks.

“We expect to dispute the remaining unsettled claims regarding the data breach that have been or may be made against us by the payment card networks,” the company says. “With respect to the three major payment card networks other than Visa, we think it is probable that our disputes would lead to settlement negotiations.”

The company previously settled a class-action case from consumers in March by agreeing to pay $10 million. The settlement was believed to potentially pay individual victims up to $10,000 in damages.

U.S. judge certifies class action over Target Corp data breach [Reuters]