United States District Court, D. Minnesota
In re: Target Corporation Customer Data Security Breach Litigation, This document relates to: Financial Institution Cases
[Copyrighted Material Omitted]
For Plaintiff's Lead Counsel, Plaintiff: Charles S Zimmerman, LEAD ATTORNEY, Brian C Gudmundson, Zimmerman Reed, PLLP, Minneapolis, MN; Felipe J Arroyo, LEAD ATTORNEY, PRO HAC VICE, Robbins Arroyo LLP, San Diego, CA; Karl L Cambronne, LEAD ATTORNEY, Bryan L Bleichner, Chestnut Cambronne, PA, Mpls, MN; Vincent J Esades, LEAD ATTORNEY, Heins Mills & Olson, PLC, Mpls, MN; James J Pizzirusso, Hausfeld LLP, Washington, DC; Jennifer J Sosa, Milberg LLP, New York, NY.
For Plaintiff's Liaison Counsel, Plaintiff: Christopher R Walsh, LEAD ATTORNEY, Walsh Law Firm, Mpls, MN; E Michelle Drake, LEAD ATTORNEY, Nichols Kaster, PLLP, Mpls, MN; Garrett D Blanchfield, Jr, LEAD ATTORNEY, Reinhardt Wendorf & Blanchfield, St Paul, MN; Karen Hanson Riebel, LEAD ATTORNEY, Lockridge Grindal Nauen PLLP, Mpls, MN; Amanda R Cefalu, Anderson, Helgen, Davis & Nissen, LLC, Minneapolis, MN; Jennifer J Sosa, Milberg LLP, New York, NY.
For Target Corporation, Defendant: Douglas H Meal, LEAD ATTORNEY, Ropes & Gray LLP, Boston, MA; Michael A Ponto, Wendy J Wildung, LEAD ATTORNEYS, Faegre Baker Daniels LLP, Mpls, MN; David F McDowell, PRO HAC VICE, David Frank McDowell, Nancy R Thomas, Morrison & Foerster LLP, Los Angeles, CA; Fred B Burnside, DAVIS WRIGHT TREMAINE (SEA), SEATTLE, WA; Harold J McElhinny, Jack W Londen, Rebekah Kaufman, PRO HAC VICE, Morrison & Foerster LLP, San Francisco, CA; Michael John Agoglia, Morrison & Foerster, San Francisco, CA; Michelle L Visser, Ropes & Gray LLP, San Fransisco, CA; Patrick J. Kenny, ARMSTRONG TEASDALE, LLP, St. Louis, MO; Robert G. Flanders, Jr, Jr., Hinckley, Allen & Snyder LLP, Providence, RI; Samuel James Boone Lunier, Morrison & Foerster LLP, San Francisco, CA; Sterling Arthur Brennan, MASHOFF BRENNAN, IRVINE, CA.
For Target.com, Defendant: Douglas H Meal, LEAD ATTORNEY, Ropes & Gray LLP, Boston, MA; Michael John Agoglia, LEAD ATTORNEY, Morrison & Foerster, San Francisco, CA; Michael A Ponto, Wendy J Wildung, LEAD ATTORNEYS, Faegre Baker Daniels LLP, Mpls, MN; David F McDowell, PRO HAC VICE, Morrison & Foerster LLP, Los Angeles, CA; Harold J McElhinny, Jack W Londen, Rebekah Kaufman, PRO HAC VICE, Morrison & Foerster LLP, San Francisco, CA.
For Target Corporation of Minnesota, Defendant: Douglas H Meal, LEAD ATTORNEY, Ropes & Gray LLP, Boston, MA; Michael A Ponto, Wendy J Wildung, LEAD ATTORNEYS, Faegre Baker Daniels LLP, Mpls, MN; David F McDowell, PRO HAC VICE, Morrison & Foerster LLP, Los Angeles, CA; Michelle L Visser, Ropes & Gray LLP, San Fransisco, CA; Rebekah Kaufman, PRO HAC VICE, Morrison & Foerster LLP, San Francisco, CA; Seth A. Schmeeckle, Lugenbuhl, Wheaton, Peck, Rankin & Hubbard, New Orleans, LA.
For Target Corporation of Minnesota, Inc., Target.com, Defendants: Douglas H Meal, LEAD ATTORNEY, Ropes & Gray LLP, Boston, MA; Michelle L Visser, Ropes & Gray LLP, San Fransisco, CA; Rebekah Kaufman, PRO HAC VICE, Morrison & Foerster LLP, San Francisco, CA; Wendy J Wildung, LEAD ATTORNEY, Faegre Baker Daniels LLP, Mpls, MN.
MEMORANDUM AND ORDER
Paul A. Magnuson, United
States District Judge
This matter is before the Court on Defendant Target Corporation's Motion to Dismiss the Consolidated Amended Class Action Complaint (Docket No. 163) in the Financial Institution Cases. For the reasons that follow, the Motion is granted in part and denied in part.
In December 2013, Defendant Target Corporation, a Minnesota-headquartered retailer that is one of the nation's largest retail chains, announced that over a period of more than three weeks during the busy Christmas holiday shopping season, computer hackers had stolen credit- and debit-card information for approximately 110 million of Target's customers. Lawsuits soon followed this announcement, and ultimately the Judicial Panel on Multidistrict Litigation consolidated all federal lawsuits into this litigation. The multidistrict litigation consists of two distinct types of claims: those brought by consumers and those brought by financial institutions. The Motion at issue here seeks to dismiss only the Consolidated Amended Class Action Complaint (Docket No. 163) filed in the financial institution cases.
The court in another consumer data breach case has succinctly described the nation's credit- and debit-card system as follows:
Every day, merchants swipe millions of customers' payment cards. In the seconds that pass between the swipe and approval (or disapproval), the transaction information goes from the point of sale, to an acquirer bank, across the credit-card network, to the issuer bank, and back. Acquirer banks contract with merchants to process their transactions, while issuer banks provide credit to consumers and issue payment cards. The acquirer bank receives the transaction information from the merchant and forwards it over the network to the issuer bank for approval. If the issuer bank approves the transaction, that bank sends money to cover the transaction to the acquirer bank. The acquirer bank then forwards payment to the merchant.
In re Heartland Payment Sys., Inc. Customer Data Sec. Breach Litig., 834 F.Supp.2d 566, 574 (S.D. Tex. 2011) (footnote omitted), rev'd in part sub nom. Lone Star Nat'l Bank, N.A. v. Heartland Payment Sys., Inc., 729 F.3d 421 (5th Cir. 2013). Plaintiffs here are a putative class
of issuer banks whose customers' data was stolen in the Target data breach.
Plaintiffs' Complaint consists of four claims against Target. Count One contends that Target was negligent in failing to provide sufficient security to prevent the hackers from accessing customer data. Count Two asserts that Target violated Minnesota's Plastic Security Card Act, and Count Three alleges that this violation constitutes negligence per se. Count Four claims that Target's failure to inform Plaintiffs of its insufficient security constitutes a negligent misrepresentation by omission.
Target now seeks dismissal of all claims, arguing that Plaintiffs have failed to plead sufficient facts to establish any of their claims.
When evaluating a motion to dismiss under Rule 12(b)(6), the Court assumes the facts in the Complaint to be true and construes all reasonable inferences from those facts in the light most favorable to Plaintiffs. Morton v. Becker, 793 F.2d 185, 187 (8th Cir. 1986). However, the Court need not accept as true wholly conclusory allegations, Hanten v. Sch. Dist. of Riverview Gardens, 183 F.3d 799, 805 (8th Cir. 1999), or legal conclusions that Plaintiffs draws from the facts pled. Westcott v. City of Omaha, 901 F.2d 1486, 1488 (8th Cir. 1990).
To survive a motion to dismiss, a complaint must contain " enough facts to state a claim to relief that is plausible on its face." Bell A. Corp. v. Twombly,550 U.S. 544, 545, 127 S.Ct. 1955, 167 L.Ed.2d 929 (2007). Although a complaint need not contain " detailed factual allegations," it must contain facts with enough specificity " to raise a right to relief above the speculative level." Id. at 555. " Threadbare recitals of the elements of a cause of action, supported by mere conclusory statements," will not pass muster under Twombly. Ashcroft v. Iqbal,556 U.S. 662, 678, 129 S.Ct. 1937, 173 L.Ed.2d 868 (2009) (citing Twombly, 550 U.S. at 555). In sum, this standard " calls for ...