Target US has agreed to reimburse about US$19 million (A$24.7 million) to financial institutions who had issued MasterCard-branded cards that were a part of the retailer's massive 2013 data breach.
The amount under the settlement with MasterCard covers costs that banks incurred to reissue credit cards and debit cards to customers as a result of the breach, Target said in a statement.
In 2013, Target said at least 40 million credit cards were compromised by the breach during the holiday shopping season, and warned the attack may have resulted in the theft of personal information, such as email addresses and telephone numbers, from as many as 110 million people.
The payments will be made by the end of the second quarter and is conditioned on issuers of at least 90 percent of eligible account holders accepting the offer by May 20, Target said.
The company added that the estimated costs of the settlement were already reflected in the liabilities established in fiscal 2013 and 2014.
The settlement does not include financial institutions that issue Visa-branded cards. Target is reportedly negotiating separately with Visa.
Target's shares were up less than a percent at US$82.71 at the close of trading.
Last month Target agreed to pay US$10 million (A$13 million) to settle a class-action lawsuit related to the breach.
Target proposed to deposit the settlement amount into an interest bearing escrow account, to pay individual victims up to US$10,000 in damages.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=271&w=480&c=1&s=1)
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
