Several lawsuits have already been filed against Target following the massive data breach suffered by the retailer last year. However, the class action filed by law firm Hagens Berman Sobol Shapiro LLP is among the most interesting.
Target has recently admitted that cybercriminals obtained the details of up to 110 million customers after installing malware on point-of-sale (POS) registers.
The Hagens Berman lawsuit claims that Target was notified of vulnerabilities in its POS systems in 2007, but the company failed to do anything about the security issues.
The suit references a white paper in which security expert Dr. Neal Krawetz detailed POS vulnerabilities at major retailers. The research named Target as an example. The paper estimated that the vulnerabilities in Target’s POS systems exposed 58 million consumers.
Krawetz sent the developer responsible for Targets POS systems a copy of the paper, which included suggestions on how to address the issues. The developer admitted that the recommendations were “good ideas” and requested permission to forward the study to other Target employees.
Since the retailer failed to apply the security measures proposed in the research paper, its systems remained vulnerable.
“We believe that Target not only knew its systems were vulnerable to exactly this kind of attack all the way back in 2007, but was alerted to and acknowledged suggestions that would have made its customers safer,” noted Tom Loeser, a Hagens Berman partner.
“However, Target did not act on this knowledge, and as a result, tens of millions have had their personal information stolen and financial accounts compromised.”
The lawsuit also blames Target for several other things. The retailer is accused of acting in its own interest, instead of looking out for impacted customers. The company did not immediately offer credit and identity theft protection services.
People who want to join this class action can contact Hagens Berman via email at Target@hbsslaw.com or by calling (206) 623-7292.