Judge certifies class action over Target data breach

(Reuters) — A U.S. judge on Tuesday certified a class action against Target Corp. brought by several banks over the retailer's massive data breach in 2013.

U.S. District Judge Paul Magnuson in St. Paul, Minnesota, said the banks could pursue their claims together over the breach, which compromised at least 40 million credit cards during the holiday season.

Target did not immediately comment on the decision.

In a statement, Charles Zimmerman, one of the lead lawyers representing the banks, said, "This important ruling brings financial institutions one step closer to collectively holding Target accountable for its unprecedented data breach."

The decision, which makes a settlement with the banks more likely, comes four weeks after Target agreed to pay as much as $67 million to financial institutions that issue Visa Inc. cards, in a deal struck directly with the card network.

Earlier this year, a proposed $19 million settlement with MasterCard Inc. fell through when not enough banks accepted the agreement.

It is not clear how many Visa card issuers accepted the terms of that deal by the deadline of Sept. 4.

Mr. Zimmerman has said the Visa deal, like the failed MasterCard settlement, does not fully reimburse banks for their losses and was negotiated without input from the plaintiffs.

The Target breach was one in a series of high-profile data security failures to hit major retailers, including Home Depot Inc. and Staples Inc.