Target. (Photo: Jay Reed via Wikimedia Commons.)
Minnesota is one obvious place to coordinate approximately 100 lawsuits filed over Target Corp.’s data breach, but a divided gathering of plaintiffs lawyers argued Thursday for alternative jurisdictions in Illinois, California, Louisiana and Colorado.
The U.S. Judicial Panel on Multidistrict Litigation heard arguments on that point during hearings in San Diego. Although attorneys awaiting seats packed the hallway outside the courtroom two hours before the Target hearing began, the panel asked few questions. Its members appeared focused on where the potential witnesses and any additional defendants are located.
The panel typically issues rulings several weeks following its hearings.
The session came one day after Target chief financial officer John Mulligan testified in Washington before a Senate committee about the breach.
On Dec. 19, Target announced that hackers had compromised debit and credit card transactions at its stores across the country. The breach potentially affected 110 million customers who made purchases between Nov. 27 and Dec. 15. The U.S. Secret Service, the Department of Justice and congressional officials have launched investigations.
Plaintiffs lawyers immediately moved to coordinate a flurry of litigation.
Most of the cases have been brought on behalf of consumers alleging that Target failed to protect their data despite being aware of the risk as early as 2007. More than a dozen cases were brought on behalf of banks and credit unions forced to reimburse debit and credit card holders for fraudulent charges.
The cases have been stayed pending the panel’s decision.
Supporting Minnesota during the hearing was Target’s lead counsel, Rebekah Kaufman, chairwoman of the consumer litigation and class action practice at Morrison & Foerster. Although cases have been filed in 39 districts, she said, there was a “substantial connection” to Minnesota, where the company’s information-technology department and most of its witnesses and documents are located at its Minneapolis headquarters. She noted that 24 cases already have been assigned to U.S. District Judge Paul Magnuson.
Also supporting that state was plaintiffs attorney Karl Cambronne, a partner at Minneapolis-based Chestnut Cambronne, who argued that more than 20 cases brought by banks invoke a Minnesota statute governing how retailers should retain customer data to avoid identity theft. He added that five derivative shareholder actions against Target have been filed in Minnesota.
But the litigation had a decidedly California feel this week, with San Diego plaintiffs firms Blood, Hurst & O’Reardon and Casey Gerry Schenk Francavilla Blatt & Penfield hosting a conference the day before on the litigation.
In arguing for California, Aashish Desai of the Desai Law Firm in Costa Mesa, Calif., cited a report released Tuesday by the U.S. Senate Commerce, Science and Transportation Committee finding that Target missed numerous opportunities to prevent the breach. The report, released ahead of the hearing at which Mulligan testified, implicated Fire Eye Inc., a Milpitas, Calif., firm that provided malware protection to Target, Desai said. “This will be a major component witness,” Desai said.
Chicago attorney Robert Clifford, a partner at Clifford Law Offices, claiming to represent a coalition of firms with 43 cases against Target, pushed for the Northern District of Illinois, where U.S. District Judge Robert Gettleman is overseeing many of the cases. He cited a lawsuit filed on Monday against a new defendant, Chicago’s Trustwave Holdings Inc., which provided security services to the retailer. Furthermore, he said, Illinois Attorney General Lisa Madigan was spearheading investigations for her fellow attorneys general.
Other lawyers argued for districts in Louisiana and Colorado, noting that the breach affected customers across the country.
Contact Amanda Bronstad at email@example.com.