Target (NYSE: TGT) and one of its security vendors, Trustwave Holdings, were hit with a lawsuit on Wednesday over the massive data breach that occurred in December reports Reuters.
Trustmark National Bank and Green Bank are seeking damages of more than $5 million, accusing Trustwave of failing to detect vulnerabilities in Target's network. The banks are seeking class-action status in the suits which were filed March 24. The lawsuit also claims that Trustwave reassured Target that it was protected against hacks or data breaches, according to the report.
Trustmark and Green Bank say that they have lost money from alerting customers to the breach, reimbursing fraudulent charges and reissuing cards. The financial organizations estimate these losses could top $1 billion for card issuers they hope to represent in a class-action suit, and $18 billion for banks and retailers combined.
Banking associations have previously estimated that Target's data breach has cost banks and credit unions more than $200 million.
Target was hit with a massive data breach during the holiday season that compromised more than 40 million credit and debit cards. Target subsequently announced an additional 70 million people had personal information stolen in the breach.
Since Target's breach, several other retailers have faced security scares, including Neiman Marcus, Sears (NYSE: SHLD) and, most recently, Sally Beauty Supply (NYSE: SBH). Sally Beauty earlier this month said that about 25,000 credit card numbers were stolen during a data breach, but new evidence shows the hack could have been much larger, reports KrebsOnSecurity. Information from 282,000 cards has been found to be potentially linked to the Sally Beauty breach.
Shoppers blame retailers for data breaches, Congress blames Target
Sally's data breach possibly affected up to 280,000 customers
More Target trouble: Jobs slashed amid reports the breach could have been prevented
Target invests $5 million in security education, offers free credit monitoring to customers for 1 year
Target: Timeline of a data breach