I was just making fun of the info highlighted in the press release. If I have it right, the Target breach affected 41 million people. Helping them put it in the rear view mirror for ~$10 million is quite a service.
That's how class actions work. The lawyers extract a fee from the perpetrator as protection against larger settlements/judgments.
Perp limits their downside, law firm gets paid, consumers are left holding the bag.
AFAIK, one of our attorneys was involved in 2 with Target, one for $10mil and one for $13mil. We're also involved with Home Depot and other data breach cases. They scope of those breaches is much smaller than this one, by the way.
Maybe it was a different Target data breach?