The Chief Judge in the U.S. District Court for the Northern District of Georgia on September 22nd approved a settlement between Home Depot and financial institutions in the lawsuit brought in the wake of a 2014 data breach. Many credit unions, state leagues (including GCUA) and CUNA are among the plaintiffs in this lawsuit. The settlement brings an end to a long legal battle, and includes creation of a $25 million fund by Home Depot for distribution through a claims process, as well as an agreement from Home Depot to strengthen its future data security measures. Home Depot will now be required to fund the settlement and the payout of claims made should commence in the next 90 days.
It is no surprise to anyone in the industry that credit unions and their members are significantly impacted by the data breaches, and the cost of the fraud and reissuing cards growing with the repeated data breaches. On a federal level, credit unions continue to push Congress to pursue legislation to elevate the merchant data security standard, a key talking point by Georgia credit unions at their Hike the Hill earlier this month. However, the end to the Home Depot data breach lawsuit is a positive point for the industry, summarized well by CUNA President/CEO Jim Nussle: “Credit unions and their members have borne numerous costs due to data breaches such as the one that occurred at Home Depot, and this settlement is a step toward making them whole again.”
