Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Customer Data / Target Seeks To Settle Breach Lawsuit
Target Seeks To Settle Credit-Card Breach Lawsuit
Target Seeks To Settle Credit-Card Breach Lawsuit
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
The retail giant is facing judgment day for its massive December 2013 data breach. Target estimated that the breach cost company shareholders $148 million, but you can add another $10 million to the tally in the wake of a proposed settlement in a class-action suit.

According a Reuters report, Target will, upon federal court approval, deposit the settlement amount into an interest-bearing escrow account. Individual victims in the suit will receive as much as $10,000 each.

“We are pleased to see the process moving forward and look forward to its resolution," Target spokeswoman Molly Snyder told Reuters. Target is also promising to adopt and implement new data-security measures as part of the settlement, including hiring a chief information security officer.

Taking a Step Back

The Target data theft was the largest affecting a retailer since 2005, when data on 45.7 million shoppers was taken at retailing giant TJX, which operated several chains, including T.J. Maxx and Marshall’s. Both Target’s CEO and CIO resigned over the massive data breach, which led to the theft of information on what was believed to have been 40 million credit and debit card accounts in transactions that occurred from Nov. 27 to Dec. 15.

About a month after the breach, the company said the theft also may have exposed identifying information like names, addresses and e-mail addresses for as many as 70 million customers. In February, Krebs on Security broke the news that at the heart of the costly breach were network credentials stolen from a third-party vendor.

Industry watchers said this was yet another example of the need for security professionals to take a step back and look at the overall ecosystem of devices and how they are connected. Attackers will find and exploit the weakest link in an interconnected network every time. In Target’s case, it was especially costly.

Setting a Precedent

We caught up with Lane Thames, security researcher for advanced threat protection firm Tripwire, to get his thoughts on the Target settlement. He told us the lawsuit is no big surprise -- and no big deal in the scheme of things.

“It sounds like a lot of money, and it is for most of us. But not for Target,” Thames said. “Most large retailers have a dedicated line item in the budget for fraud-based issues.”

One would hope that the lawsuit would induce, via negative reinforcement, a change in business practices, Thames said. In any case, he is certain it will set some type of precedent and expects to see similar results for Home Depot and Anthem related to their recent data breaches.

“However, at the end of the day it boils down to profit. Security and controls are not profit makers,” Thames said. “As such, security and controls will remain lower on the totem pole of priorities for big retailers for quite some time, and we will continue to see large breaches for the foreseeable future."

Image credit: Target.

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.