Though it may be summer before card issuers see any money, Wednesday's news of a $39 million settlement between Target and financial institutions affected by its 2013 data breach likely signaled the end of a two-year legal saga that allegedly began when a Target refrigeration vendor employee opened a phishing email.
In an interview with CU Times, co-lead plaintiffs' counsel Karl Cambronne of Chestnut Cambronne PA said notice of the settlement and instructions will go out to financial institutions this month. At least 7,000 financial institutions and 20,000 senior executives could receive the notice, according to court documents filed Wednesday.
Cambronne said the timing of the settlement was due in part to the stage the case was in.
“We had gone through, essentially, discovery,” he said. “We'd taken dozens of depositions; hundreds of thousands of documents had to be viewed. We think we have a pretty darn good case – and Target would dispute that – but in any event, at some point generally people think, 'Is there a way to get this behind us?' And that time had come.”
On Wednesday, a Minnesota District Court gave preliminary approval to the settlement, which includes up to $20,250,000 for members of the class action and the settlement administrator, plus $19,107,939 for MasterCard's Account Data Compromise program. That money is over and above what issuers may receive from MasterCard's ADC recovery program or Visa's Global Compromise Account Recovery program, according to court documents.
The amount is also about twice Target's proposed $19 million settlement with MasterCard earlier this year. That deal failed to achieve a 90% participation rate from card issuers and died in May.
However, the money from the new settlement won't start flowing back to financial institutions until a judge gives final approval. That hearing is scheduled for May 10, 2016.
“We were hoping it would be April or even maybe March, but it's not,” Cambronne said.
By May, though, all the claims should be calculated, he noted.
“It'll be sometime in mid-2016 when people get their money,” he said.
However, the portion of the settlement earmarked for the MasterCard ADC program will likely be paid out by year-end, Cambronne noted.
Village Bank President Randy Diers, who runs one of the five financial institutions that originally formed what eventually became the class-action suit against Target, expressed his support for the settlement.
“While we wish the Target data breach had never occurred, we felt obligated to represent the class of financial institutions throughout the United States,” Diers said in a statement. “This settlement represents the best possible outcome for financial institutions, as it provides immediate and fair compensation and will hopefully help prevent the occurrence of similar data breaches in the future.”
NAFCU Senior Vice President of Government Affairs and General Counsel Carrie Hunt weighed in as well.
“In the two years since Target's huge data breach, consumers are still extremely vulnerable to cybercriminals during yet another holiday shopping season,” Hunt said. “We continue to urge Congress to act to protect consumers' financial information by enacting national data security standards for retailers and holding them directly accountable for their data breaches.”
Hunt continued, “Much more needs to be done to make credit unions whole. Member-owned credit unions deserve to be fully compensated.”
Members of the class-action suit can object to the settlement, Cambronne said, but he noted, “I am going to be shocked if there's any meaningful statement to that effect.”
Credit unions can also choose to opt out of the settlement, in which case they may be able to sue Target individually, he said.
“If Bank X from small-town America thinks, 'I can do better by suing them alone,' they have that right,” he explained.
Nonetheless, the case marks a legal first, Cambronne said.
“This is the first time ever in the history of American jurisprudence that banks have been able to recover their losses from a data breach,” he said. “Data breaches are maybe part of the fabric of our culture going forward; hopefully technology's going to be such that this will be a rare occurrence moving forward. But it feels good to know that for the first time ever, banks have been able to recover in these types of cases.”
He added, “This puts the period on the sentence for Target. Target can go forward and do what it's designed to do; that is, be a retailer for America. They do a good job at that, and we wish them well.”
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
