Angry shoppers are lashing out at Target, filing lawsuits in California and Oregon against the retailer, alleging the store "failed to implement and maintain reasonable security procedures" when credit and debit card data for about 40 million customers was taken.
Target said it was contacting customers who shopped in its U.S. stores with a credit or debit card between Nov. 27 and Dec. 15. The company said on Friday that there's no indication that information like a customer's date of birth or Social Security number were taken.
Shares of Target Corp., based in Minneapolis, fell 1.5 percent to $61.57 on Monday morning.
"To date, we are hearing very few reports of actual fraud, but are closely monitoring the situation. We want to reassure guests that they will not be held financially responsible for any credit card or debit card fraud," Target said on Friday. Target CEO Gregg Steinhafel apologized to customers for long waiting times to reach Target's call center and website and offered customers a 10 percent discount over the weekend. Target is offering customers affected by the security breach free credit monitoring services.
"This unauthorized access is a crime, and we are taking it very seriously. While we can't provide specifics because the investigation is ongoing, we are working closely with the United States Secret Service to bring those responsible to justice," Target said.
But store traffic was down at Target over the weekend, the Wall Street Journal reported, and lawsuits were already filed by shoppers in response to the security breach.
On Thursday, Target customer Jennifer Kirk filed a lawsuit in San Francisco in the hopes of being certified as part of a class action.
Her attorney, Robert Ahdoot of law firm Ahdoot and Wolfson in Los Angeles, invites Target customers who believe they are affected by the alleged data breach to call their law firm to discuss their options.
Since the lawsuit was filed, Ahdoot said his law firm's telephone has been ringing constantly from people who allege to be Target customers.
"Since we filed, every day through the weekend, we are getting calls from individuals around the country – either they've had unauthorized withdrawals from their debit cards or they had unauthorized uses of their credit card. Most say they've never had this problem before ever," he said.
He said he has fielded calls from California, Hawaii, Florida, Texas, Arizona, New Jersey and New York, to name just some of the states.
Kirk's lawsuit accuses Target of negligence, invasion of privacy, and other actions.
"If you get right down to it, we are alleging for lack of a better word, the inconvenience of it," he said. "But it seems like quite a number of people have been affected by this."
On Friday, Lisa Purcell, a Target shopper in Portland, Ore., used her debit card at a Target store on Dec. 9 to buy Christmas-related goods for her family during the holiday season, her lawsuit states. She is suing Target for negligence and for violating Oregon's Unlawful Trade Practices Act. She is represented by the law firm Terrell Marshall Daudt and Willie PLLC.
A spokeswoman for Target declined to comment about the lawsuits.
On Saturday, JPMorgan Chase and Co. said it is notifying customers who used Chase debit cards at Target in the security breach time period are limited to $100 a day of cash withdrawals and $300 a day of purchases with their cards, affecting about 2 million accounts, or 10 percent of Chase debit cards.