News Column

Target Faces Lawsuits, Investigations Over Data Breach

December 23, 2013

By Mike Snider, USA TODAY

Target says 40 million credit and debit information has been stolen.

Consumer frustration and outrage over the Target credit card breach is moving from Facebook and Twitter to the courts and state governments even as the stolen accounts are flooding the black market.

Three class-action lawsuits have been filed in the wake of the theft of data on about 40 million credit and debit card accounts of Target shoppers from Nov. 27 to Dec. 15.

More than $5 million in damages is being sought in the cases, two of which were filed in California and one in Oregon.

The attorneys general in at least four states -- Connecticut, Massachusetts, New York and South Dakota -- have asked Target for information about the breach. That's the first step to a possible multistate investigation.

Meanwhile, millions of the stolen card accounts have begun showing up for sale on the black market, says the security reporter who initially broke the news about the breach.

"Credit and debit card accounts stolen in (the Target breach) ... have been flooding underground black markets in recent weeks, selling in batches of one million cards and going for anywhere from $20 to more than $100 per card," writes Brian Krebs on his KrebsOnSecurity.com site.

Over the weekend, Minneapolis-based Target offered customers a 10% discount in its U.S. stores, after CEO Gregg Steinhafel said on Friday that the company would provide free credit monitoring to at-risk customers.

The company may need to do a lot more in coming days.

"With these data security breaches, there's usually the question of consumer confidence and trust," said Daren Orzechowski, a New York-based intellectual property attorney with White & Case.

The speed of class-action suits and state officials getting involved "is not surprising," said Orzechowski, who deals in data privacy issues.

Many states have strong breach notification laws that require the attorney general be notified, he said.

Both the state and civilian queries will be interested in "when did Target know there was an issue and how long did they wait, in terms of responding, because there's a lot of obligations on promptly notifying people and there is going to be a lot of focus on that in the days to come."

The Secret Service is also investigating the Target breach.

Contributing: The Associated Press


For more stories covering business, please see HispanicBusiness' Business Channel



Source: Copyright 2013 USA TODAY


Story Tools






HispanicBusiness.com Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters