More Lawsuits Filed in Home Depot Data Breach

Atlanta, GALawsuits filed in the Home Depot data breach have been consolidated into a multidistrict litigation. The 11 lawsuits have reportedly been consolidated in Atlanta federal court in the Northern District of Georgia. The lawsuits allege Home Depot did not comply with data security guidelines concerning the protection of customer information.

The data breach was announced in September 2014, when Home Depot confirmed that millions of cardholders in the US and Canada had their account information - including their debit and credit card numbers, account holders’ names and addresses where the card was used - compromised. That information, according to one lawsuit, was later offered for sale on “rescator.cc,” a website where stolen card information is trafficked. Since the data breach was announced, Home Depot has warned that e-mail addresses were likely also leaked.

Lawsuits have been filed by a variety of plaintiffs, including Home Depot customers whose account information was compromised, and banks and financial institutions looking to recover the costs associated with the data breach. According to Boston Business Journal (11/10/14), three men filed a lawsuit in Massachusetts, alleging Home Depot failed to properly protect their information. That lawsuit seeks class-action status.

In a different lawsuit, the Greater Chautaqua Federal Credit Union also filed a claim seeking class-action status on behalf of similarly situated financial institutions. That lawsuit also alleges Home Depot failed to “secure and safeguard its customers’ personal and private financial information.”

The lawsuit alleges that Home Depot did not learn of the security breach until September 2, 2014, even though the breach began in April and despite high-profile breaches at Neiman Marcus and Target. Chautaqua Federal Credit Union argues that it has incurred damages of hundreds of millions of dollars for re-issuing debit and credit cards, loss of customers, covering fraudulent charges, letting customers know about the breach and dealing with customer service inquiries linked to the breach.

“According to a recent survey conducted by the Credit Union National Association, it is estimated that, for credit unions alone, 7.2 million cards were affected and credit unions incurred $60 million in direct costs,” the lawsuit states. The plaintiff also alleges that the Card Operating Regulations, issued by companies like Visa and MasterCard, require Home Depot to ensure that customer cardholder information is secure and confidential.

Millions of customers are believed to have had their information compromised in the data breach.

The lawsuit is case number MDL No. 2583.