Daily Management Review

Target Agrees to Pay $39.4 Million in Settlement with Banks Over Data Breach


Target Agrees to Pay $39.4 Million in Settlement with Banks Over Data Breach
Paying for their late 2013 data breach as claimed by banks and credit unions, Target Corp has agreed to pay $39.4 million to resolve claims.
Lenders had sought to hold Target responsible for their costs to reimburse fraudulent charges and issue new credit and debit cards. The settlement that was filed on Wednesday resolved the class-action related to the above filed by lenders.
As many as 110 million people may have suffered the theft of personal information such as email addresses and phone numbers, Target had previously said, with at least 40 million credit cards compromised in the breach.
A Target spokeswoman said on Wednesday that 70 million people may have lost personal data.
Among the many steps that the Minneapolis-based retailer has taken to avoid a recurrence included being among the first U.S. retailers to install microchip-enabled card readers at all stores.
As part of the settlement, Target would have to pay $19.11 million as reimbursement to MasterCard Inc card issuers and as much as $20.25 million to banks and credit unions.
In May, MasterCard had rejected a similar accord proposed by Target a month earlier and claimed that the compensation offered was too low.
Court records show that U.S. District Judge Paul Magnuson in St. Paul, Minnesota called the settlement as "fair, reasonable and adequate" while giving primary approval to the settlement. A hearing on final approval was scheduled for May 10, 2016.
Earlier this year, Target reached a $10 million settlement with shoppers and agreed to pay Visa Inc card issuers as much as $67 million over the breach. The latter accord won court approval last month.
While the company had announced last week that it expected at least $90 million of the $290 million is had spent in relation to the breach, to be reimbursed by insurers. However despite the settlement, the company still faces probes by the Federal Trade Commission and state attorneys general as well as lawsuits by shareholder.
Target spokeswoman Molly Snyder said the retailer was "pleased that the process is continuing to move forward."
All financial institutions that issued payment cards put at risk by the breach, and which did not previously release their claims against Target were all covered by the latest settlement.
The plaintiffs in this settlement claim have included Umpqua Holdings Corp in Roseburg, Oregon; Mutual Bank in Whitman, Massachusetts; Village Bank in St. Francis, Minnesota; CSE Federal Credit Union in Lake Charles, Louisiana; and First Federal Savings of Lorain in Lorain, Ohio.
However the banks and credit unions that are associated with Target have claimed that their members incurred more than $200 million of expenses related to the breach.
"Financial institutions should not always have to bear the burden of extensive costs related to merchant data breaches over which they have no control," the plaintiffs' lawyers, Charles Zimmerman and Karl Cambronne, said in a joint statement.
Target will also pay the plaintiffs' legal fees, pending court approval, and will not appeal any sum of $20 million or less, court papers show.