Federal District Court Magistrate Jeffrey J. Keyes in the multidistrict litigation pending in Minneapolis ruled that Target has to tell financial institutions suing over the retailer’s massive 2013 data breach whether it suffered similar attacks in the past and if so, how it responded to them.
The ruling is the latest development in cases over the 2013 breach that compromised at least 40 million credit and debit cards that holiday shoppers used at its retail stores. The breach is believed to be among the largest in U.S. history.
Though consumers settled their claims against Target for $10 million in March, the banks are continuing their suits to recover what they paid to reimburse customers for fraudulent transactions, issue card replacements and other costs related to the breach. As we previously posted, Target announced this month that a settlement it sought with some of the financial institutions failed.
The case is In re: Target Corp. Customer Data Security Breach Litigation, MDL case number 14-02522, in the U.S. District Court for the District of Minnesota.