Target Data Breach: Class Action Settles for $10 Million
The popular American retail store Target was involved in one of the largest data breaches ever to occur. Customers who shopped between November 27 and December 15, 2013 may have had their credit card or debit information stolen. Target did not make an announcement that it, and its customers, had been a victim of criminal breaches of its computer network until December 19, 2013. Nearly 40 million card accounts may have experienced impacts resulting from this data breach. As investigations mounted, it was also discovered that guest information including mailing addresses, email addresses, phone numbers, and names were taken as well. Target reports that upwards of 70 million individuals may be impacted by the stolen information.
Class-Action Settlement News
In a recent breakthrough, a federal judge granted preliminary approval for a $10 million settlement for a class-action suit relating to the 2013 Target data breach. Plaintiffs claim that Target did not adequately protect consumer’s data and personal information, and Target delayed providing notice of the data breach. Papers filed with the United States District Court in Minnesota highlight how shoppers who suffered as a result of the breach could be awarded up to $10,000 in damages. The claims will be processed through a dedicated website.
Claiming damages can be difficult for victims. According to the New York Times, requirements to prove victims incurred damages include proving that unauthorized charges were made to their credit cards. It must also be proven that victims invested time in researching the fraudulent charges, leading to costs from fixing their credit report due to higher interest rates, from replacing identification cards, or from hiring lawyers or identity theft protection companies.
Data Breach Law in Florida
Florida has some of the most strict breach notification statutes in the country. The Florida Information Protection Act of 2014 (FIPA), was signed into law by Governor Rick Scott and became effective on July 1, 2014. The law is designed to increase the responsibility of businesses and government organizations that hold data, including the personal information of individuals. It mandates the protection of such information and requires notice of breaches of that information. The law can be found in Florida Statutes Section 501.171, the Consumer Protection Chapter.
The definition of what constitutes personal information under the Act has been expanded to incorporate a person’s first name or first initial and last name in combination with one or more of the following:
– A Social Security number;
– A driver license or ID card number, passport number, military ID;
– A financial account number or credit or debit card number, in combination with any required security code, access code, or password that is necessary to permit access to an individual’s financial account;
– Any information about a person’s medical history;
– A person’s health insurance policy number or subscriber ID number used to identify an individual; or
– A username or email address in combination with a password or security question and answer that would permit access to an online account.
Businesses covered under the law include sole proprietorships, partnerships, corporations, estates, trusts, cooperatives, or other entities that acquire, maintain, store, or use personal information. Reasonable measures must be taken by covered entities to protect and secure data in electronic form containing personal information. If a breach occurs, a person must be notified by email or letter as soon as possible, but no later than 30 days after the discovery of the breach.
If you have suffered from the effects of a data breach, please do not wait to act. It is important to contact an experienced Fort Lauderdale personal injury attorney at Boone & Davis right away to discuss your case and options for recovering damages.