Recently we wrote about the data breach that occurred at Target’s point-of-sale systems in stores across America. The breach lead to the theft of roughly 40 million credit card numbers, names, and CSV codes. Here’s what’s been happening since the announcement:
Target could be facing roughly a $90 fine for every customer whose information was stolen. Companies that accept major credit cards have to adhere to the Payment Card Industry Data Security Standard, a set of rules designed to govern the acceptance of credit cards by retailers. The “PCI Counsel” (formed by the major payment card companies) oversees these standards, and if found to be non-compliant, Target may face up to $3.6 billion in fines alone.
Surprise! Target is now facing all sorts of lawsuits from individuals and groups of consumers. While these will certainly add up, it seems that some of the more pro-consumer states are getting seriously involved in the matter. The attorney generals of Massachusetts, New York, South Dakota, and Connecticut have all rolled up their sleeves thus far. Martha Coakley, the attorney General for Massachusetts, led a multistate class action suit against TJ Maxx after 90 million cardholder’s information was stolen in 2007, so you can see where this is going…
Only time will tell, but it won’t be surprising if more states jump on this bandwagon.
3. Very angry consumers
The thieves that pulled off this data breach aren’t just sitting on the loot. Just a couple days after the announcement was made, batches of the stolen credit cards were already hitting the black market. As more consumers find unauthorized charges on their bank statements, the class action suits grow while trust in Target dwindles. Who can tell how long it will take to earn back the trust of the public.
Again, this is a perfect example of how cyber insurance can mitigate losses in a data breach situation. With the right policy in place, Target would have coverage for the costs to restore their systems, handle the notification and customer service costs related to the breach, and even lost profits from downtime. In the modern era of digital commerce, it’s essential to prepare for the worst, and cyber liability insurance is a big piece of the puzzle.