Target Corp. has reached a preliminary settlement with banks affected by the retailer’s 2013 breach, agreeing to pay out $39.4 million to the financial institutions.
The banks had joined forces in a class action suit against Target seeking reimbursement for the fraudulent charges they had to cover and the costs of issuing new payment cards post-breach.
In the breach, which occurred during the 2013 holiday season, cyberthieves accessed point-of-sale terminals at hundreds of Target stores and siphoned off the credit card and other personal information of as many as 110 million customers. The breach also caused a shakeup at the company, leading to the resignation of its CIO, a restructuring of its security and IT organization and the eventual ouster of the company’s CEO.
Under the terms of the settlement, filed in a St. Paul, Minn., court Wednesday, banks and credit unions would get about $20.25 million while another $19.11 million would be put toward reimbursing those who issued MasterCards, according to a report by Reuters.
In May, a proposed $19 million breach settlement between Target and MasterCard was terminated, since conditions of the deal were not met by an important deadline.
Earlier in the week, court documents revealed that Home Depot had reached a settlement with MasterCard, pending approval of issuing banks, over a 2014 breach.
UPDATE: This story has been updated to include information about a prospective settlement relating to the Home Depot breach.