Thursday, December 4, 2014


Data breach still
Costing Target

Banks want to recover $$


From the Minneapolis (MN) Star-Tribune A federal judge in St. Paul refused Tuesday to throw out claims against Target Corp. made by several banks that say they lost money because of the company’s data breach last year.

U.S. District Judge Paul Magnuson dismissed one of four claims argued in the lawsuit, which claimed “negligent misrepresentation by omission” related to Target’s ¬security system. But Magnuson, in his court order released Tuesday, wrote that the plaintiffs presented a plausible case for the first three counts against Target: negligence, failure in providing sufficient security against data hackers and violation of Minnesota’s Plastic Security Card Act.

Unmitigated risk continues to be costly

The case involves all piurchases made at Target stores between Nov. 1 and Dec. 19, 2013, using credit or debit cards.

Target's lawyer contends that because a third-party firm handles all credit and debit card payments the store is not liable.

Target currently is contestng two multi-plaintiff suits: one from the banks and one from consumers.

In the meantime, Target is spending to try to restore it image.

It has put up several Web sites:

These sites are designed to give credit and debit card shoppers and stockholders a level of confidence that the 2013 breach won't happen again.

In the end, Target must reduce its bottom line

    To restore the customer base

    To restore customer confidence

    To put into place stronger security practices

    To fend off the banks

    To fend off injured consumers

Hopefully Target also will revisit its Enterprise Risk Management plan and this time make a thorough search for ALL threats, both the obvious and the "off the wall" threats overlooked in the previous exercise.

No comments: