A $38 millioncredit union opened the legal floodgates in response to Home Depot's recent card data breach, filing a proposedclass-action lawsuit to recover up to $5 million in losses.
First Choice Federal Credit Union in New Castle, Penn., is thelead plaintiff in the suit, which lists more than 100 potentialplaintiffs and estimates that class-action damages total at least$5 million, exclusive of interest and costs, according to courtdocuments.
|Home Depot should be held accountable for failing to prevent ordetect the breach, according to Gary Lynch, a partner thePittsburgh-based law firm Carlson Lynch Sweet & Kilpela, LLP,which filed the lawsuit Sept. 16 in the Atlanta division of theU.S. District Court for the Northern District of Georgia.
|“After seeing the same type of attack on other retailers in thelast two years, it is simply unacceptable that Home Depot allowedthis to happen,” Lynch said in a prepared statement sent to CUTimes. “And if it's true that they didn't detect the hack forfour months, that's even worse.”
|Lynch also represents financial institutions and serves on thePlaintiffs' Executive Committee in the consolidated Targetsuit.
|Following last year's Target card data breach, the $211 million Alabama State Employees Credit Union was the first financialinstitution to sue that retailer.
|First Choice also sued Target.
|Home Depot acknowledged that hackers gained access to card dataas early as April of this year and most likely affected all of its2,200 stores in the United States and Canada, according to thecomplaint.
|“The exact number of compromised cards is unknown at this time,but given the length of the breach and the number of storesinvolved, tens of millions of Americans could be victims,” a pressrelease issued by Carlson Lynch Sweet & Kilpela, LLP said.“Reports indicate that batches of the stolen data are already beingsold by criminals on underground websites and some experts haveestimated that the breach could cost financial institutions morethan $2 billion through fraudulent transactions.”
|The Home Depot attack involved mostly the same techniques usedin other recent major data breaches, according to thecomplaint.
|“Despite having knowledge that such data breaches were occurringthroughout the retail industry, Home Depot failed to properlydefend sensitive payment card information from what is now awell-known, preventable angle of attack,” the complaint said.
|Home Depot only learned of the breach from law enforcement andfinancial institutions,
|according to court documents.
|The volume of data stolen was much greater than it would havebeen if Home Depot monitored its data security adequately enough toidentify and eliminate the attack as it was occurring, thecomplaint said.
|Even before the Home Depot breach was confirmed, many creditunions, such as the $2.3 billion Affinity Federal Credit Union inBasking Ridge, N.J. and the $60 billion Navy Federal Credit Unionin Vienna, Va., had taken proactive steps to protect members suchposting warnings on websites and monitoring member credit cardsthat might have been involved in a breach.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
- Exclusive discounts on ALM and CU Times events.
- Access to other award-winning ALM websites including Law.com and GlobeSt.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
