Analysis of Target Decision that Loss-of-Use Damages Included Card Replacement Costs Post-Data Breach | By Joshua Mooney, Judy Selby, and Tracey Kline | Kennedys Law
A Significant Deviation: Target v. Ace Finds Loss-of-Use Damages Included Post-Breach Card Replacement Analysis On March 22, 2022, the United States District Court for the District of Minnesota ruled that two ACE insurers were obligated to indemnify Target Corporation (“Target”) for the amounts it paid to settle claims related to replacement of payment cards impacted in a data breach, vacating an earlier decision in which the court found that Target was not entitled to coverage. Target Corp. v. ACE Am. Ins. Co., No. 19-CV-2916 (WMW/DTS), 2022 WL 848095 (D. Minn. Mar. 22, 2022), vacating 517 F. Supp. 3d 798 (D. Minn. 2021). The new decision deviates from how other courts have evaluated general liability coverage for damages because of “loss of use of tangible property that is not physically injured.” Insurers would do well to take notice. Background In 2013, Target was the victim of a massive data breach that occurred after hackers installed malicious software on its computer network, which enabled them to steal the payment card data and personal contact information of an estimated 110 million individuals with Target payment cards (the “Data Breach”). Multiple lawsuits were brought against Target, including suits by financial institutions (the “Issuing Banks”) that had issued debit and credit cards (the “Payment Cards”) affected by the Data Breach. The Issuing Banks filed class action [...]