Financial institutions faced another tough decision this week about whether to fight a settlement offer from a retailer hit by a data breach.
According to documents filed Nov. 30 in a Georgia District Court, MasterCard and Home Depot have apparently reached a proposed settlement regarding the retailer's September 2014 data breach. But attorneys for institutions suing Home Depot over the breach said the retailer won't share the settlement agreement and is involved in sending "highly misleading and coercive" communications to financial institutions.
"On the eve of the Thanksgiving holiday weekend, Wednesday, November 25, 2015, third-party payment processors, evidently acting in concert with Home Depot, sent email notifications to putative class members – including named FI plaintiffs known to be represented by counsel in this matter – stating that Home Depot and MasterCard had reached a settlement involving the Home Depot data breach," the attorneys stated in a request for an emergency hearing. "Some of the class communications state that failure to affirmatively opt out of the settlement will result in a release of all claims pending in this case, without even specifically mentioning the litigation, or even telling the class members how much they would receive under the settlement."
Recommended For You
Plaintiffs' attorneys said the communications also were unclear about whether accepting the settlement wipes out what institutions might be entitled to under MasterCard's Account Data Compromise program.
According to the court documents, FIS and Fiserv notified financial institutions of the proposed settlement and asked them to respond by Dec. 2 if they wanted to participate; Vantiv gave financial institutions a Dec. 7 deadline.
The communication from FIS, dated Nov. 25, noted the settlement will become effective if, among other things, 65% of all qualified accounts accept it.
That may have put financial institutions in a position akin to the one many were in last spring, when Target and MasterCard negotiated a $19 million proposed settlement related to its 2013 data breach. That settlement failed to meet a 90% minimum participation rate and was officially rejected in May. This month, Target agreed to settle for about $40 million.
In a reply filed with the court on Monday, Home Depot disputed many of the allegations and called the complaints from plaintiffs' counsel "a desperate attempt to improperly interject itself into the Card Brand Recovery process."
"Home Depot did not send or authorize and was not even aware of the communications they complain about," attorneys Cari Dawson and Kristine Brown, who represent Home Depot, wrote. "Rather, the communications attached to the banks' filing show on their face that they were sent by or on behalf of absent class members to other absent class members. In other words, the banks are complaining about communications that are completely between and among their own absent class members."
Home Depot also contested the demand to see the settlement agreement.
"The banks' misstatements should not be rewarded with access to documents to which they have no right," Dawson and Brown wrote. "Parties cannot be allowed discovery into lawful settlement negotiations by making up factual allegations."
Attorneys Gary Lynch, Kenneth Canfield and Joseph Guglielmo, who are co-lead counsel for the plaintiffs, said in a statement that until Home Depot discloses more about its agreement with MasterCard, institutions should reject any settlement that does not offer significant reimbursement for losses beyond what they are entitled to under MasterCard's rules without releasing their legal claims.
"The recently announced settlement in the litigation over Target's 2013 data breach proves that financial institutions do not need to accept the first offer they receive directly from the card brands," they said. "By rejecting MasterCard's initial offer, financial institutions ultimately obtained significantly greater compensation in court. The Target settlement sets an important precedent by showing that financial institutions can achieve greater compensation for their losses through the legal system."
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
