A U.S. District Court in Minnesota has determined that the lawsuit filed against Target by financial institutions is eligible for class action status.
The lawsuit stems from Target's massive data breach during the 2013 holiday season, which brought data security at the point-of-sale into the general public awareness and cost credit unions more than $30 million.
Credit union trade groups were quick to weigh in on the court's decision.
Both NAFCU and CUNA emphasized that CUs should be made whole, and the importance of financial recovery for member-owners who were impacted by the breach, but the two groups also stressed that larger issues need to be addressed.
"This lawsuit is only one part of the equation," said Carrie Hunt, NAFCU's SVP of government affairs and general counsel. "To prevent these types of data breaches in the future, Congress must act to protect consumers' financial information by enacting national data security standards for retailers and holding them directly accountable for their data breaches."
Similarly, CUNA CEO Jim Nussle said in a statement that Congress must take the next step to stop future data breaches.
"Credit unions and banks are subject to robust data protection and notification standards; the absence of federal data security standards for the merchants that accept payment cards are the weak link in the system," Nussle said. "To properly protect the data of all Americans, we must equally share responsibility."
Last month Target and Visa reached a $67 million settlement over the data breach, but the amount of that figure that will trickle down to credit unions is unclear.
