NW woman sues Target for security breach
A Northwest woman is suing Target Corp. of Minnesota because of a credit card security breach that could affect about 40 million shoppers who swiped their cards during the past several weeks.
Attorneys for Lisa Purcell of Milwaukie filed a lawsuit in Portlands U.S. District Court claimed Friday that Target was negligent because the company "failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach.
Seattle attorney Jennifer R. Murray, representing Purcell, is seeking class-action status for the lawsuit. The complaint asks that the court impose punitive damages against the Minneapolis corporation. No amount for the damages was listed, but Murray wrote that claims could exceed $5 million.
In the lawsuit, Purcell says she shopped at a Portland-area Target store on Dec. 9 to buy Christmas gifts for her family. She claims that in addition to being negligent in its security, the corporation failed to inform people who might be affected by the breach within a timely manner. Most people heard about the breach through the news media or on social media, according to the lawsuit.
Purcells lawsuit is similar to two others filed in California during the past few days. Jennifer Kirk sued Target in San Franciscos federal court, alleging invasion of privacy and negligence after she used her credit card during Christmas shopping.
Orange County resident Colleen Klein also sued Target, accusing the corporation of failing to disclose its substandard security practices.
A handful of state attorneys general are also considering taking action against the corporation.
Target officials said Friday that the company was continuing the process of reaching out to guests across a number of channels including traditional and social media.
The company also began sending emails Friday to people who may have shopped in the stores with a credit or debit card between Nov. 27 and Dec. 15.
To date, we are hearing very few reports of actual fraud, but are closely monitoring the situation, company officials said in a statement released on Targets website. We want to reassure guests that they will not be held financially responsible for any credit card or debit card fraud.
Target Chief Executive Officer Gregg Steinhafel said Friday that the company was offering a 10 percent discount to people who shop at the stores Saturday, Dec. 21, and Sunday, Dec. 22.
We take this crime seriously, Steinhafel wrote. It was a crime against Target, our team members, and most importantly, our guests. Again, we recognize this issue has been confusing and disruptive during an already busy holiday season. We want to emphasize that the issue has been addressed and let guests know they can shop with confidence at their local Target stores.
Blogger reveals breach
Target said on Thursday, Dec. 19, that a massive data breach resulted in the exposure of about 40 million customer accounts.
Cyber Security blogger Brian Krebs reported that the Secret Service has been investigating the theft of credit and debit card data from Target. Krebs is a national computer security expert and former Washington Post reporter.
Although the Secret Service has confirmed it is investigating, they have not made any further comments.
The breach involved the "skimming" of credit card numbers, but may have also resulted in the theft of debit card PINs. This security breach did not affect any cards that were used to shop at Target's online site.
The breach began on Black Friday and continued through Sunday, Dec. 15. Anyone who shopped at Target between Nov. 27 and Dec. 15 is encouraged to review account information.
The data was taken with software that had been installed on the credit card machines customers use to swipe their cards at the checkout counter. According to Target, the information that was acquired included customer names, credit or debit card numbers, the card's expiration date, and the CVV numbers. Target is reporting that the breach of credit card data has been resolved.
This security breach could involve any of Target's 1,800 stores in the country 12 of which are in and around Portland.
Although affected shoppers are not liable for fraudulent charges, they should continue to monitor credit and bank statements. Customers should go online to verify account information and not wait for paper statements. Target is in the process of notifying banks and credit providers. If customers find any unauthorized charges, they should place a credit freeze on any compromised accounts by contacting the appropriate financial institution. REDcard holders should contact Target directly.
Another likely outcome is that scammers will use this public data breach to phish for personal information. During the next few weeks, customers should be suspicious of unsolicited emails or phone calls from purported financial institutions. Do not click on links, download attachments or provide information like Social Security numbers to contractors.Add a comment