Target Settles MasterCard Data Breach Lawsuit for $19 Million

Retail giant Target continues to pay the price for a massive data breach in late 2013. The company just announced a settlement agreement with MasterCard.

Under the terms of the agreement, Target will reimburse about $19 million to financial institutions that had issued MasterCards that were part of the data breach. The money will cover the costs of MasterCard issuers around the world that had to reissue credit and debit cards to customers in the wake of the breach.

Although Target and MasterCard have agreed on terms, there is a condition to the settlement: the issuers of at least 90 percent of the eligible MasterCard accounts have to accept the offers by May 20.

EUWe are hopeful that TargetEUs agreement to pay up to $19 million to settle the claims of MasterCard and its issuers will result in a high level of issuer acceptance,EU said Scott Kennedy, president of Financial & Retail Services at Target. EUTarget intends to continue to defend itself vigorously against any assessments made by MasterCard on behalf of MasterCard issuers that do not accept their offers.EU

Moving Forward

We asked Tim Erlin, IT security and risk strategy at advanced threat protection firm Tripwire, for his thoughts on the settlement. He told us weEUre now over 12 months post-breach and Target is still working through the financial impact of the attack.

"While the direct cost of any public breach can be accounted for, it's difficult to assess the cost in terms of people's time, lost focus and lost opportunity," Erlin said. "Every breached organization has to expend effort dealing on everything from free credit monitoring and PR to detailed negotiations with card brands. There can be little doubt that these resources could have been used to focus on expanding business instead."

History of the Breach

The Target data theft was the largest...

Comments are closed.