Kyla Asbury Apr. 29, 2014, 10:50am

ST. PAUL, Minn. (Legal Newsline) – Target data breach class action lawsuits from 18 federal districts have been transferred to the Multidistrict Litigation Panel.

The transfer order was signed by MDL Chairman John G. Heyburn II on April 2, and the 27 actions from 18 different federal districts were transferred to the District of Minnesota and assigned to District Judge Paul A. Magnuson.

“On the basis of the papers filed and hearing session held, we find that these actions involve common questions of fact and that centralization in the District of Minnesota will serve the convenience of the parties and witnesses and promote the just and efficient conduct of this litigation,” the transfer order states.

“We are persuaded that the most appropriate location for this litigation is the District of Minnesota. Target is headquartered in that district, where 25 actions and potential tag-along actions are pending.”

The District of Minnesota is also easily accessible and relatively centrally located for the parties to the litigation, which is nationwide in scope, according to the order.

Since the panel transferred 27 civil actions to the District of Minnesota, 49 additional actions have also been transferred to Minnesota, all of which have been assigned to Magnuson with the consent of the court, according to a conditional transfer order.

Between Nov. 27 and Dec. 15, a data security breach occurred at Target stores nationwide. Target announced that data from approximately 40 million credit and debit cards was stolen.

The news of the data breach was first published by a blogger named Brian Krebs on Dec. 18.

Target failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach, according to one of the class action lawsuits, which was originally filed in the District of Oregon.

Lisa Purcell, the named plaintiff in the District of Oregon suit, said as the news broke, Target finally released a statement concerning the data breach, but not one designed to notify affected customers directly.

“The information Target lost, including Plaintiff’s identifying information and other financial information, is extremely valuable to thieves,” the complaint states. “As the Federal Trade Commission recognizes, once identity thieves have personal information, they can drain your bank account, run up your credit cards, open new utility accounts or get medical treatment on your health insurance.”

The so-called track data was stolen in real time as payment cards were swiped in its stores between Nov. 27 and Dec. 15, according to a statement issued by Target.

“Investigators believe the data was obtained via software installed on machines that customers use to swipe magnetic strips on their cards when paying for merchandise at Target stores,” according to the lawsuit.

The thieves may also have accessed PIN numbers for affected customers’ debit cards, allowing the thieves to withdraw money from those customers’ bank accounts, the complaint states.

Once the breach was discovered, Target partnered with a leading third-party forensics firm that is thoroughly investigating the breach.

The actions are from the Central District of California, the Northern District of California, the Southern District of California, the District of Colorado, the Middle District of Florida, the Southern District of Florida, the Northern District of Illinois, the Southern District of Illinois, the Eastern District of Louisiana, the Middle District of Louisiana, the District of Massachusetts, the District of Minnesota, the Eastern District of Missouri, the Eastern District of New York, the District of Oregon, the District of Rhode Island, the District of Utah and the Western District of Washington.

U.S. Judicial Panel on Multidistrict Litigation case number: 0:14-md-2522

From Legal Newsline: Kyla Asbury can be reached at

More News