Target settles for $19m with MasterCard after huge data breach

US retailer makes offer after leaking 40 million credit card details

Target sign on the front of a store

Target has reached a $19 million settlement with MasterCard over a data leak that lost 70 million customer records to hackers.

The US retailer will put up to $19 million into a pot of cash to settle the claims of banks, from whom cyber thieves stole 40 million credit card details by infecting Target store payment systems with malware.

The huge data hack, which took place in November and December 2013, saw a court rule that the retailer was guilty of negligence last December.

Target had ignored multiple alerts from its FireEye-provided early warning system, and purposely disabled security software that may have prevented the breach.

Its agreement with MasterCard depends on 90 per cent of MasterCard account holders accepting the pay out by May 20, but would see the card issuers receive their compensation by June.

Scott Kennedy, president of financial and retail services at Target, said in a statement: "We are hopeful that Target's agreement to pay up to $19 million to settle the claims of MasterCard and its issuers will result in a high level of issuer acceptance.

"Target intends to continue to defend itself vigorously against any assessments made by MasterCard on behalf of MasterCard issuers that do not accept their offers."

However, any bank accepting the cash will be forced to drop any pending class action lawsuits against the retailer.

Eileen Simon, chief franchise integrity officer at MasterCard, said: "We believe this settlement provides our issuers a reasonable resolution of the Target data breach event.

"The timely reimbursement of costs and losses under the agreement delivers MasterCard issuers a faster and more certain resolution to the event, while reinforcing our commitment to maintain the integrity of industry security standards."

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021
Cyber criminals bypassing MFA to access cloud service accounts
two-factor authentication (2FA)

Cyber criminals bypassing MFA to access cloud service accounts

14 Jan 2021
Capcom data breach adds another 40,000 estimated victims
data breaches

Capcom data breach adds another 40,000 estimated victims

13 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021