Publications

On March 19, 2015, a federal judge in the District of Minnesota preliminarily approved a settlement between Target Corporation and a putative class of consumers in a litigation arising from the breach of Target’s computer network in late 2013, scheduling a final approval hearing for November 10, 2015. Under the settlement agreement, Target will pay $10 million to consumers “whose credit or debit card information and/or whose personal information was compromised as a result of the data breach” (the “settlement class”). While the litigation was settled before the plaintiffs’ allegations could be adjudicated – and without any admissions of wrongdoing or liability – the culmination of the action presents an important opportunity to understand how a data breach can occur and where a company’s primary cyber risks may be; identify the practical steps companies can and should take to attempt to prevent a data breach, respond to a breach when it does occur, and mitigate the resulting exposure; and appreciate the liability companies may face if they do not adequately prevent a breach.