Login Register Subscribe
Current Issue

Bank lawyers balk at rush for Home Depot, MasterCard breach settlement

Reprints

Plaintiff attorneys representing financial institutions in litigation over Home Depot Inc.’s 2014 cyber breach are angrily denouncing a contingent settlement reached with MasterCard they say was secretly negotiated, and recommending their clients reject it.

Terms of the settlement agreement with MasterCard have not been disclosed in court filings.

A Home Depot spokesman said the retailer had nothing to do with notices issued on the proposed settlement.

In a statement issued Friday, the attorneys state, “Home Depot has sought to convince financial institutions that issued MasterCard-branded payment cards to accept a ‘settlement’ that by all available indications offers inadequate reimbursement for the losses caused by its data breach.

“In exchange, financial institutions would be required to release their claims in this litigation and forfeit any opportunity to receive additional reimbursement.

“Home Depot has concealed critical terms of this agreement with MasterCard, which was negotiated in secret without the involvement of the court or court-appointed plaintiffs’ counsel, and is being sold based on inconsistent and scant information about what it provides. Incredibly, financial institutions have only been given a few days to make a decision, suggesting the ‘settlement’ cannot withstand scrutiny.”

Notices sent to financial institutions by payment processors dated Nov. 25 and Nov. 27, which are included in a Nov. 30 court filing, state the proposed settlement will become effective if 65% of all qualified accounts accept it, and that financial institutions have until Dec. 2 or Dec. 7 to respond in order to participate in the settlement.

The Nov. 30 filing with the U.S. District Court in Atlanta seeks an immediate hearing on the notices sent to the financial institutions concerning the settlement, and has the same charges reflected in its Friday statement.

It states the proposed settlement was sent “hours before the Thanksgiving holiday when class counsel and putative class members would be otherwise occupied,” and asks that Home Depot be required to provide copies of the settlement.

The statement issued Friday also refers to the announcement earlier this week of the $39.4 million settlement between Target Corp. and its financial institutions.

The Target settlement “proves that financial institutions do not need to accept the first offer they receive directly from the card brands. By rejecting MasterCard’s initial offer, financial institutions ultimately obtained significantly greater compensation in court.

“The Target settlement sets an important precedent by showing that financial institutions can achieve greater compensation for their losses through the legal system.”

The statement says also, “Until Home Depot discloses all the facts relating to its agreement with MasterCard, financial institutions should reject any settlement that does not offer significant reimbursement for their losses beyond what they are already entitled to receive under MasterCard’s rules without releasing their legal claims.”

A Home Depot spokesman said although the company does have a tentative agreement with MasterCard, “we have not communicated, nor were we aware of, any communications about the agreement.”

The company reported in a financial filing Nov. 24 that to date it has incurred $252 million in gross expenses related to the data breach, which has been partially offset by $100 million of expected insurance proceeds.