April 04, 2014

Lawsuits over Target breach to merge in Minnesota

April 7, 2014- The numerous lawsuits that have been filed against Target Corporation for its massive data security breach last year will now be heard before U.S. District Judge Paul Magnuson in the retailer's home state of Minnesota.

According to a Reuters report last Friday, the transfer order was made by the U.S. Judicial Panel on Multidistrict Litigation and "will eliminate duplicative discovery, prevent inconsistent pre-trial rulings, and conserve the resources of the parties and the judiciary."

The order brings together a total of 33 lawsuits across 18 districts, and possibly many more that might follow suit, the report said.

NAFCU was the first financial services trade association to weigh in on this issue on Capitol Hill in the wake of the Target data breach.

The association is urging Congress to adopt national data security and breach notification standards for retailers. Financial institutions, including credit unions, have been subject to standards on data security since the passage of the Gramm-Leach-Bliley Act; however,retailers are not subject to these same standards.

NAFCU is closely monitoring recently introduced S. 1927, the "Data Security Act of 2014," from Sens. Tom Carper, D-Del., and Sen. Roy Blunt, R-Mo. Their proposed legislation would make progress in establishing a federal standard for protecting data, and exempt financial institutions already subject to the Gramm-Leach-Bliley Act.

NAFCU estimates that the Target data breach will cost credit unions almost $30 million. It notes that smaller, less notorious breaches since, taken together, have affected as many customers again.