A federal judge in St. Paul has given the green light for most of a proposed class action lawsuit related to Target Corp.’s data breach to go forward.
On Thursday, U.S. District Judge Paul Magnuson rejected Target’s main argument to dismiss the case because consumers did not have enough standing to establish injury.
He noted that the 114 named plaintiffs have invoked such things as unlawful charges, restricted or blocked access to bank accounts, inability to pay other bills, and late payment charges. But Target said they didn’t show that the expenses were not reimbursed or that banks closed their accounts.
“These arguments gloss over the actual allegations made and set a too-high standard for Plaintiffs to meet at the motion-to-dismiss stage,” Magnuson wrote. “Plaintiffs’ allegations plausibly allege that they suffered injuries that are ‘fairly traceable’ to Target’s conduct.”
A Target spokeswoman declined to comment Friday since the lawsuit is still pending.
During last year’s holiday shopping season, about 40 million consumers had their payment card information stolen when hackers infiltrated Target’s point-of-sale systems. Another 70 million people had their personal information compromised.
In a similar decision earlier this month, Magnuson refused to throw out a case brought by financial institutions against Target. But he did reject one of the four claims in that case.
Thursday’s ruling was on a separate lawsuit brought by attorneys representing consumers.
Magnuson did agree with Target on some points and dismissed outright two of seven claims brought by the plaintiffs. In other claims, he threw out part of the case.
He dismissed the plaintiffs’ claims under consumer protection laws in three states and said they cannot maintain a class action status in nine states.
He also dismissed claims brought under data-breach notification laws in ten states, and the plaintiffs withdrew related claims in another three states. Magunson also threw out negligence claims in five states.