From Pine View Farm

Responsible Fiscals 0

This could get interesting.

A New Castle-based credit union (New Castle, Pennsylvania–ed.), seeking to represent more than 100 other such institutions, has filed a lawsuit against Target Corp. in federal court in Pittsburgh, seeking compensation for costs related to the massive security breach of the retailer’s computer system.

(snip)

According to the complaint, that left First Choice, and other similar financial institutions, with “significant costs associated with, among other things, notifying its members of issues related to the Target Data Breach, closing out and opening new customer accounts, reissuing members’ cards, and/or refunding members’ losses resulting from the unauthorized use of their accounts.”

I’m torn.

There is an emotional appeal to the thought that companies should be held accountable for such massive screw-ups. Yet, we don’t know that Target was directly responsible. Target’s point-of-sale devices contained malware; my reading tells me that many outfits contract out their point-of-sale technology to vendors.

Is Target a legitimate target, is its vendor, or do we get a circular firing squad? May we as customers sue our banks when they get penetrated (after all, they penetrate us all the tim–never mind).

If the suit encourages American card companies to adopt the chip-and-PIN technology used in Europe, which they have resisted because it’s “inconvenient” (yet massive data breaches are somehow “convenient”) (Edit: and the change would cost money), it might be all to the good.

For a good discussion of the Target breach by computer security experts, listen to the latest NetSec podcast.

Share

Comments are closed.