By Scott Flaherty, From The Litigation Daily

Just weeks after Target Corp. failed to escape claims that it’s liable for a massive data breach that cost banks billions of dollars, a judge refused to dismiss most of a proposed consumer class action over the same late-2013 hack attack.

U.S. District Judge Paul Magnuson in St. Paul, Minn., refused on Thursday to dismiss most of a proposed class action brought by Target customers under dozens of state consumer protection and privacy laws. The judge did throw out some state law claims, however, and he hinted that Target’s lawyers may yet whittle the case down further.

Plaintiffs lawyers pounced on Target after unidentified hackers stole credit and debit card information for some 110 million of the retailers’ customers during the 2013 holiday shopping season. The company, they alleged, failed to take reasonable steps to protect its customers’ sensitive financial information.

In their motion to dismiss, Target’s lawyers at Ropes & Gray countered that the cardholders didn’t have standing to sue, because they hadn’t adequately alleged a financial harm from the breach. Magnuson mostly swept that argument aside on Thursday, ruling that it wasn’t enough to succeed at this early stage in the case.

“Plaintiffs’ allegations plausibly allege that they suffered injuries that are ‘fairly traceable’ to Target’s conduct,” Magnuson wrote.

The judge also noted, however, that the plaintiffs’ alleged injuries—such as unauthorized charges, blocked access to bank accounts and fees incurred from late payment charges—would have to be supported by evidence going forward. That opens the door for Target to renew its standing challenge in a summary judgment motion, especially if the plaintiffs struggle to establish a clear link between the data breach and any harm they suffered.

In addition to the consumer case, Magnuson is considering a consolidated complaint in which banks have alleged losses of as much as $18 billion from having to reissue cards and reimburse customers in the wake of the Target breach. Magnuson issued a ruling in the financial institutions’ suit on Dec. 2, also keeping most of that case intact.

The courtroom setbacks for Target come as Sony Pictures Entertainment has been dealing with the fallout from a cyberattack prompted by the company’s planned release of “The Interview,” a comedy about an assassination attempt on North Korea’s leader Kim Jong-un. Sony is facing a flurry of lawsuits brought by employees claiming the company didn’t do enough to protect its computer network.

Vincent Esades and David Woodward of Heins Mills & Olson serve as lead counsel for the plaintiffs in the Target consumer cases. Esades said he was pleased with Thursday’s ruling.

Ropes & Gray’s Douglas Meal represents Target along with lawyers from Faegre Baker Daniels. Meal didn’t respond to a request for comment, and a Target spokeswoman said the company doesn’t typically comment on pending litigation.

Photo: ivanastar/iStockphoto.com

For more on this story go to: http://www.litigationdaily.com/id=1202712992308/Target-Suffers-New-Blow-in-Data-Breach-Case#ixzz3MegfzEXC