In mid-December, 2013, Target announced that hackers had stolen credit and debit card information on 70 million customers. Much of security law deals with one basic question: Did members of the board of directors fulfill their duties to shareholders? This suit alleges that the Board breached their respective duties to shareholders.
Hackers embedded cheap “off the shelve” malware onto the point of sale terminals used in Target stores. All credit card information is encrypted before it is transmitted from the point of sale terminal to the financial institutions for verification. The sensitive information is briefly stored in the point of sale terminal in plain text. By placing the malware on the point of sale terminal, the hackers took advantage of this security lapse. By the way, you or I could buy this malware online for $1,800! It is highly unlikely the hackers could get the actual pin numbers of a debit card as this number has an entirely separate encryption protocol.)
Assuming the brief description above proves to be true, shareholders can ask a series of questions to the board of directors.