This week, a U.S. District Judge in Minnesota ruled financial organizations that have spent large sums of money replacing compromised customer credit and debit cards can proceed with a lawsuit against Minneapolis-based Target Corp., which experienced what may have been the largest consumer data breach ever, according to a report from Reuters.
Last year, Target was the mark for a data breach in which thieves stole names, mailing addresses, phone numbers and credit card numbers of as many as 110 million Target customers.
Banks and credit card companies, which dealt with replacing consumer cards after the breach, incurred expenses the companies claim were in the billions of dollars. They filed a class action negligence lawsuit against Target Corp. as a result of the burden of these expenses.
The judge ruled that banks and credit card companies were foreseeable victims of Target's negligence and therefore had the right to file the suit. "This isn't an area where the laws are already broad and deep," said Charles Zimmerman, who is representing the banks, in the report, indicating the judge's decision could be important for future legal precedent.
The decision may set a favorable precedent to companies affected by negligence-fueled data breaches in other institutions.