Security firm Trustwave says Target data breach claims baseless

Sun Mar 30, 2014 8:17am IST

A view of the sign outside the Target store in Westminster, Colorado, February 26, 2014. REUTERS/Rick Wilking/Files

A view of the sign outside the Target store in Westminster, Colorado, February 26, 2014.

Credit: Reuters/Rick Wilking/Files

Related Topics


Rajalakshmi (C), 28, smiles after winning the Miss Wheelchair India beauty pageant in Mumbai November 26, 2014. REUTERS/Danish Siddiqui

Miss Wheelchair India

Seven women from across India participated in the country's second wheelchair beauty pageant, which aims to open doors for the wheelchair-bound in modelling, film and television, according to organisers  Slideshow 

(Reuters) - Trustwave Holdings Inc, a credit-card security firm that has been sued along with Target Corp (TGT.N) over a sweeping data breach, said on Saturday it did not process cardholder data for the retailer or handle Target's data security as a lawsuit alleges.

In a letter to customers and business partners, Trustwave Chief Executive Robert McCullen said the company's connection to Target was not what had been portrayed in a suit filed last Monday by two banks seeking at least $5 million in damages.

"Contrary to the misstated allegations in the plaintiffs' complaints, Target did not outsource its data security or IT obligations to Trustwave. Trustwave did not monitor Target's network, nor did Trustwave process cardholder data for Target," said the letter from McCullen posted on the company's website.

"These claims against Trustwave are without merit," the letter added.

The lawsuit filed in Chicago federal court by Trustmark National Bank and Green Bank NA accuses Target and Trustwave of failing to properly secure customer data, enabling the theft of about 40 million payment card records plus 70 million other records, including addresses and phone numbers.

The banks said they lost money from alerting customers to the breach, reimbursing fraudulent charges and reissuing cards. Those losses could increase, they said, if criminals ultimately use several million stolen cards as some analysts project.

While the complaint seeks unspecified damages of at least $5 million, New York-based Trustmark and Houston-based Green Bank said losses could top $1 billion for card issuers they hope to represent in a class action, and $18 billion for banks and retailers combined.

Target, the no. 3 U.S. retailer, already faces dozen of lawsuits over the breach, but the lawsuit filed on Monday appears to be the first to focus on Trustwave, a privately held Chicago-based provider of credit-card security services.

The data breach occurred from November 27, the big post-Thanksgiving shopping day known as Black Friday, to about December 15.

The case is Trustmark National Bank et al v. Target Corp et al, U.S. District Court, Northern District of Illinois, No. 14-02069.

(Reporting by Jonathan Stempel in New York, and Jim Finkle in Boston; Writing by Carey Gillam in Kansas City; Editing by Peter Cooney)


Online Grocery Shopping

Tech Showcase

Google in Europe

Google in Europe

Insight - Behind Google's Europe woes, American accents  Full Article 

Uber Lawsuit

Uber Lawsuit

Uber CEO must turn over emails in gratuity lawsuit, U.S. judge rules  Full Article 

Wikileaks Hacker

Wikileaks Hacker

Icelandic hacker says guilty of stealing money from Wikileaks  Full Article 

Motorola Case

Motorola Case

U.S. court rejects Motorola Mobility price-fixing appeal  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage