Card networks believe Target failed to meet data-security standards at the time of the holiday data breach, the
Meanwhile, Target believes that its payment systems did meet industry security standards. Each side cited experts that support its view.
At issue is who will cover the hundreds of millions of dollars in losses that arose from the data breach, involving 40 million Target shoppers who had their card data stolen
If Target turns out to have been lax with its data security, it will be on the hook for huge fines and industry penalties, not to mention damages from a flood of lawsuits. But if Target's data security met industry guidelines, its exposure will be far less.
"The forensic investigator working on behalf of the payment card networks claimed that we were not in compliance with those standards at the time of the data breach," Target told the
The four major card networks are Visa,
But Target's own "independent third-party assessor found the portion of our network that handles payment card data to be compliant with applicable data security standards in the fall of 2013," the filing said.
Given the dispute, Target said in the filing, "We believe it is probable that the payment card networks will make claims against us. We expect to dispute the payment card networks' anticipated claims ... "
Ultimately, Target said it's "likely that our disputes would lead to settlement negotiations," similar to other retailers in other breaches.
And what will the final cost to Target be?
Target said it still can't "estimate a range of possible losses." But it did concede that claims might be so large, they "could be material to our (future financial) results."
(c)2014 the Pioneer Press (St. Paul, Minn.)
Visit the Pioneer Press (St. Paul, Minn.) at www.twincities.com
Distributed by MCT Information Services