As reported in the Privacy & Information Security Law blog, the United States District Court for the District of Minnesota, in large part, upheld Target’s assertion of the attorney-client privilege and work-product protections for information associated with a privileged, internal investigation of Target’s 2013 data breach.
Continue Reading Federal Court: Attorney-Client Privilege and Work-Product Doctrine Upheld for Materials Associated with Internal Data Breach Investigation

As reported in the Privacy & Information Security Law blog, Judge Magnuson of the U.S. District Court for the District of Minnesota certified a Federal Rule of Civil Procedure 23(b)(3) class of financial services institutions claiming damages from Target Corporation’s 2013 data breach. The class consists of “all entities in the United States and its Territories that issued payment cards compromised in the payment card data breach that was publicly disclosed by Target on December 19, 2013.”
Continue Reading Target Data Breach Litigation: District Court Certifies Class of Financial Institutions