Before September 15, 2015, no federal court had certified a class action to litigate security breach claims. But now U.S. District Court Judge Paul A. Magnuson, overseeing the In re: Target Corporation Customer MDL, has certified as a class:

All entities in the United States and its Territories that issued payment cards compromised in the payment card data breach that was publicly disclosed by Target on December 19, 2013.

This certified class representatives will litigate three claims on behalf of all such issuers: that Target was negligent in failing to provide sufficiently secure customer data; that Target violated Minnesota’s Plastic Security Card Act (“PCSA”); and that this violation of Minnesota law constituted negligence per se.

In opposing class certification, Target had maintained that no classwide proof of injury existed, especially given variations in state laws. Target also contended that damages would have to be calculated on a bank-by-bank basis, making class adjudication untenable. The court considered and rejected both of these arguments in turn.
Continue Reading FINANCIAL INSTITUTIONS MAKE HISTORY IN TARGET MDL, FIRST CLASS ACTION CERTIFIED IN FEDERAL COURT TO LITIGATE SECURITY BREACH ISSUES