On September 15, 2015 Judge Paul Magnuson, U.S. District Judge in Minnesota, certified a class of financial institutions that had sued Target as a result of the 2013 data breach.
The consumer class case has settled and is awaiting court approval.
Financial institutions asserted three claims against Target: negligence in failing to provide sufficient security to prevent hackers from accessing customer data; a violation of the Minnesota Plastic Security Card Act, and; negligence per se.
In its opinion certifying a class of financial institutions, the court allowed the plaintiffs to apply Minnesota law to non-resident plaintiff claims and agreed that plaintiffs could prove damages by common evidence.