Target settles with MasterCard for $19M in breach

17/04/2015 19:19

April 16--Target Corp. has reached a $19 million settlement with MasterCard that is a big step toward resolving pending claims from banks and credit unions over losses from the retailer's massive 2013 data breach.

Card-issuing institutions spent millions to replace cards and cover fraudulent transactions after the breach, in which hackers accessed card or personal information from as many as 110 million people.


The deal the Minneapolis-based retailer and MasterCard announced Wednesday is contingent on approval from those banks. At least 90 percent of the eligible MasterCard accounts would need to release both entities from any other claims, including a class-action lawsuit against Target brought by banks that is pending in federal court in St. Paul.


Eileen Simon, MasterCard's chief franchise integrity officer, said in a statement that the company considers the settlement "a reasonable solution."

"The timely reimbursement of costs and losses under the agreement delivers MasterCard issuers a faster and more certain resolution to the event," Simon said, "while reinforcing our commitment to maintain the integrity of industry security standards."


The proposed settlement does not include Visa. A Target spokesman said he had no update to share on the retailer's negotiations with Visa.

"We are hopeful that Target's agreement to pay up to $19 million to settle the claims of MasterCard and its issuers will result in a high level of issuer acceptance," Scott Kennedy, president of financial retail services at Target, said in a statement. "Target intends to continue to defend itself vigorously against any assessments made by MasterCard on behalf of MasterCard issuers that do not accept their offers."

The proposed $19 million settlement is already included in the $252 million in costs Target has said it expects to pay in the aftermath of one of the largest retail data breaches during the holiday shopping season in 2013. About 40 million customers had their payment card information stolen after hackers infiltrated Target's point-of-sale systems. Another 70 million people had their personal information swiped, too.

And it is separate from the $10 million settlement the company reached last month in a class-action lawsuit brought by consumers whose cards were stolen during the breach.


After the data breach, banks spent millions of dollars to reissue cards and reimburse consumers for fraudulent charges.

If the conditions of the proposed $19 million settlement are met, accepting issuers will be paid by the end of the second quarter this year.

MasterCard said those that do not accept the offer will have their claims determined by the network's internal processes. It added that they may receive more or less than the amount offered in the settlement depending on a number of factors.

Kavita Kumar -- 612-673-4113