In November and December of 2013, the personal information of approximately 110 million Target consumers was compromised, 40 million of which included names and credit card information.  According to the notification by Target to the Office of Consumer Affairs and Business Regulation, as many as 947,000 Massachusetts residents were affected.  As a result of the breach, a class-action lawsuit was filed by consumers on August 25, 2014 in the United States District Court, District of Minnesota.

On Thursday, March 19, 2015, the Court entered an Order Certifying a Settlement Class, Preliminarily Approving Class Action Settlement and Directing Notice to the Settlement Class.  The hearing for final approval of the Settlement is scheduled for November 10, 2015.  Before that date, there are some important points to be considered by consumers affected by the Target data breach.  Target will fund the payment of claims up to a combined total of $10 million.

The Court appointed Rust Consulting, Inc. as the Settlement Administrator, together with Kinsella Media, LLC for class notice and claims administration.  Within 45 days of the March 19th Order, the Settlement Administrator will begin to send the Notice by email to affected consumers for whom Target has an email address.  Thereafter, if Target does not have an email address, but has a physical address, a postcard Notice will be sent.  If Target has neither of these, consumers should look for the Notice to be published in major newspapers and media sources.  A website and toll-free number will be created in the coming weeks for consumers to obtain further information and deadlines related to this Settlement.

If you believe you are among those affected by the Target data breach, you may:

  • Submit a claim for reimbursement from the Settlement Fund;
  • Exclude yourself from the class; or
  • Formally object to the Settlement.

The Notice you receive via email or postcard or view in the media will provide instructions on how to submit a claim, exclude yourself from the class-action, or object to the Settlement.  For example, to submit a claim, you will need to submit a Claim Form detailing any compensation you seek, including unauthorized charges on your credit card or bank account, time spent correcting unauthorized charges, costs incurred hiring someone to help correct your credit report or to obtain credit reports, costs incurred to replace a driver’s license or similar identification card, or other costs.

In anticipation of filing your claim, you should start to gather and prepare any documentation supporting the claim, such as credit card or bank account statements, receipts for fees paid, and include a narrative of the time you spent dealing with unauthorized charges and other related paperwork.  The requirements and procedures for timely filing a valid claim will be specified in the Notice and on the Claim Form.

If you want to exclude yourself from being a member of the class in this class-action lawsuit and not be subject to the Settlement terms, you will have to affirmatively opt out of this Settlement.  If you do not affirmatively take steps to exclude yourself from the class, you will be included in and bound by the Settlement, whether or not you submit a claim.  This means that if you do not take any action, you will not receive anything.  If you exclude yourself from the class, you reserve your right to file suit in the future for damages arising from this data breach.  The criteria and deadlines for excluding yourself from the class and this Settlement will be included in the upcoming Notice.

If you object to the Settlement and remain a member of the class, you will be included in this Settlement, but you may file a formal objection with the court regarding the Settlement.  Only members of the class subject to this Settlement may file objections.  This means that if you exclude yourself from the Settlement, you will not be able to file an objection.  The criteria and deadlines for filing your objection will be included in the upcoming Notice. 

 If you were affected by the Target data breach, watch your email, mailbox, or media sources for the Notice with information on the steps that must be taken to submit a claim, exclude yourself from the class-action, or object to the Settlement.  This Office will post more information as it becomes available.

If your personal information is compromised in a data breach and among the information hacked or misplaced, your identity and financial assets are vulnerable.  Your personal information could be used by a hacker or criminal for identity theft and fraud, such as making an unauthorized purchase on your credit or debit card, opening a new line of credit in your name, and potentially ruining your credit history.  It is important to act quickly by checking your credit reports, credit card statements, and bank statements.  If you know you have been a victim of identity theft, immediately contact your creditors and the credit reporting companies to dispute the charges and false information.  You should also file formal complaints with the Federal Trade Commission, Massachusetts Attorney General’s Office, and your local police.

See contact information for the FTC and AGO below:

Federal Trade Commission
CRC-240
600 Pennsylvania Ave., NW
Washington, DC 20580
Tel: 1-877-382-4357 (voice) / TTY: 1-866-653-4261
Complaint form:

Office of the Attorney General
One Ashburton Place
Boston, MA 02108
Tel: (617) 727-8400
Email: ago@state.ma.us
Website: www.mass.gov/ago
You may also file a complaint online

Find more information about identity theft and data breaches on our website or contact our consumer hotline at (617) 973-8787, toll-free in Massachusetts at (888) 283-3757, or contact us by email.