A local woman has filed a class action lawsuit against the Target Corporation, saying the company's action in dealing with a security breach was essentially too little and too late.
Michelle Mannion, 45, of Amherst, was among the 40 million or so customers whose credit information was illegally obtained at the peak of this year's holiday shopping season – between Nov. 27 and Dec. 15.
Mannion, described as a regular Target shopper, used her credit/debit card at the Amherst Target on Dec. 4 and Dec. 5. The suit, filed earlier this week, notes that blogger Brian Krebs published news of the data breach before Target itself made any attempt to notify customers who may have been affected.
According to news reports in December, investigators believe the data was obtained via software installed in machines that customers use to swipe strips on their cards when paying for merchandise at the stores.
The suit goes on to claim that thieves could not have installed the software to access this information if Target hadn't been negligent. It further alleges that Target failed to implement and maintain reasonable security measures.
Once it became apparent what had happened, Mannion's suit notes, the Minneapolis-based Target posted a statement on its corporate web site – but not on the shopping site that customers use.
Besides many customers' losses – Mannion's own bank account was drained as a result of the Target breach – those customers also face ongoing troubles, as their credit card and financial information is now likely on the global black market, according to the suit.
Mannion's attorney, Steve Goldberg, declined comment.
On its website, Target notes that as soon as the malware was discovered on its point-of-sale system in stores, the malicious code was disabled and the company began notifying credit card processors and payment card networks of the breach.
In a prepared statement, Target also said that it is taking the crime seriously, and is working with the U.S. Secret Service and the U.S. Department of Justice in an ongoing investigation. As far as aiding its customers whose credit information was stolen, the company has offered its victims only a 10 percent discount on merchandise that they bought on Dec. 21 and 22.
More than a dozen similar class action suits have also been filed around the country by Target shoppers who claim they were victimized by credit card thieves as a result of the chain's security break.