Breach, Data Security

Report: $19M breach settlement between MasterCard, Target terminated


A proposed $19 million breach settlement between Target and MasterCard has reportedly been terminated, since conditions of the deal were not met by an important deadline this week.

By Wednesday, card issuers impacted by the 2013 Target breach needed to represent “at least 90 percent of the eligible MasterCard accounts accepting their alternative recovery offers,” MasterCard told Reuters on Friday. But, the required showing of banks failed to seek claims through the settlement by May 20, ultimately leaving the deal null and void.

The Credit Union Times broke the news of the “dead” deal on Thursday, and on Friday, MasterCard confirmed the reports with Reuters.

Ironically enough, a group of banks and credit unions filed a motion to block the proposed settlement announced in April, but a federal judge denied the request this month. Despite his decision, U.S. District Court Judge Paul Magnuson wrote in the order that “plaintiffs' lead counsel's issues with the settlement are understandable,” though “not susceptible of a legal remedy.”

Judge Magnuson added that “plaintiffs' lead counsel, who were neither involved in nor informed of the settlement before the public announcement, were not surprisingly discomfited, the more so because of the short time-frame in which banks must decide whether to participate in the settlement and thereby give up their claims here.” He ultimately denied the motion to block the settlement, ruling that the court could not enjoin the proposed deal solely because it “suspects that neither the settlement nor the putative class's options are completely fair.”

In its April announcement, MasterCard said that under the terms of the proposed settlement Target would make up to $19 million available in “alternative recovery” for eligible banks and credit unions globally in order to settle claims for operational costs and fraud-related losses on MasterCard-branded cards affected by the breach. The companies worked to strike up a deal after the retail giant suffered a major payment card breach in 2013 affecting around 110 million people.

Regarding the "reported dissolution" of the settlement, the National Association of Federal Credit Unions (NAFCU) Senior Vice President of Government Affairs and General Counsel Carrie Hunt issued a statement in support of the development.

"Credit unions deserve to be fully compensated for their losses that were no fault of their own,” said Hunt. “The failure to opt in to the settlement by financial institutions sends a strong signal to card companies that the current reimbursement system does not work and financial institutions need to be made whole."

Hunt later added that "litigation does nothing to prevent future breaches."

"That is why we continue to urge Congress to act to protect consumers' financial information by enacting stronger standards and holding retailers and merchants directly accountable for their data breaches," she said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.