Skip to content

menu

Open Legal Blog Archive logo
HomeAboutBlogsFAQsSubmit

Home Depot Prevails in Shareholder Derivative Lawsuit Over 2014 Data Breach

By Hunton & Williams LLP on December 3, 2016

Recently, the U.S. District Court for the Northern District of Georgia dismissed a shareholder derivative lawsuit against Home Depot Inc. (“Home Depot”) arising over claims that Home Depot’s directors and officers (the “Defendants”) acted in bad faith and violated their duties of care and loyalty by disregarding their oversight duties in connection with a 2014 data breach. The case is In re Home Depot Inc. S’holder Derivative Litig., N.D. Ga., No. 1:15-CV-2999-TWT.

The lawsuit, filed in August 2015, alleged that the Defendants violated their duties by maintaining insufficient internal oversight and controls over the company’s data security and by failing to implement and regularly test basic network security infrastructure, including firewalls, malware and antivirus software, leading to the compromise of approximately 56 million payment cards. The presiding judge, Judge Thomas W. Thrash, dismissed the claims based on shareholder plaintiffs’ failure to make a demand on the Board of Directors to take action or show why such a demand would be futile, as is required for shareholder derivative lawsuits under Federal Rule of Civil Procedure Rule 23.1.

  • Posted in:
    Privacy & Data Security
  • Blog:
    Privacy & Information Security Law Blog
  • Organization:
    Hunton Andrews Kurth LLP

Open Legal Blog Archive, Inc. logo
Seattle, Washington
Copyright © 2026, Open Legal Blog Archive, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo