Class Action Filed for Target Data Breach
SAN FRANCISCO (CN) - The first class action was filed Thursday against Target, hours after the company announced that security may have been breached on as many as 40 million credit and debit cards swiped from Nov. 27 until Dec. 15.
The stolen data includes names, credit card numbers, expiration dates and the three-digit security codes on the backs of cards, but did not affect online purchases, Target said.
The possible ID thefts affected all swiped cards, not just Target cards.
Lead plaintiff Jennifer Kirk, represented by Robert Ahdoot with Ahdoot & Wolfson, of Los Angeles, sued Target in San Francisco Federal Court, in a complaint date-stamped at 1:37 p.m.
Kirk claims in the lawsuit that the data breach was announced by a blogger, Brian Krebs, on Wednesday, "before Target made any attempt whatsoever to notify affected customers."
The data breach is believed to have come from software installed on the machines that customers use to swipe their credit and debit cards.
Kirk seeks class certification, damages and punitive damages for unfair competition, privacy invasion, negligence, conversion and other charges.
Minneapolis-based Target told customers to check their bank statements carefully. Suspicious charges can be reported to Target at (866) 852-8680.
Suspected identity theft should be reported to police or to the Federal Trade Commission.
With nearly 1,800 stores in the United States, Target is the nation's second-largest discount retailer, after Wal-Mart.