The massive data breach from November 2013 through December which involved at least 40 million and perhaps even 110 million Target Corp. customer accounts has sparked legal action. Banks that may have lost hundreds of millions of dollars as a result of Target’s failure to secure customer information have joined suit in multiple jurisdictions and are seeking class action status.
Target is accused of failing to use industry-standard security methods to protect customer information, which led to credit card and debit cards being compromised. The compromised cards led banks to reimburse customers for fraudulent activity and thus they are looking to be reimbursed by Target. An analyst with Jeffries told the Minneapolis/St. Paul Business Journal the total costs incurred by Target to make customers whole will likely range between $1 and $2 billion if not more.
Representatives of Target and other retailers, who have suffered similar significant data breaches according to KSTP and WPRO, are testifying before Senate and the House panels to explain how the breaches occurred. The Identity Theft Resource Center recorded 619 breaches on the 2013 ITRC Breach List, a dramatic increase from what was recorded in 2012. The healthcare sector was associated with 43% and businesses 33.9%. The data breaches can be the result of various factors third parties, data on the move, insider theft, employee error/negligence, or even mere accident. The recent Target data breach has sparked discussion of the need for data breach reporting to be standardized.
Data breaches are an increasing problem and on average a single successful attack can involve $300K. If the cost from one attack companies isn’t enough of a worry, companies are attacked on average 2 million times per week. The most frequent targets of data breaches are financial organizations, retailers and restaurants. Hackers stole personal information of over 50 million LivingSocial members in April 2013. Information such as names, email addresses, encrypted passwords, credit card information etc are the types of information being sought out by hackers.
We encourage you to be aware of what information you provide and the manner in which you provide it.