By Marcos Colon

Target has taken what seems like the last step in putting its massive 2013 data breach behind it.

In a recent settlement with state attorneys general over the incident that compromised the information of millions of its customers, the retail giant has agreed to pay $18.5 million to 47 states and the District of Columbia, according to The New York Times.

In what’s considered the largest ever multistate data breach settlement, only three states will not receive payment; Alabama, Wisconsin and Wyoming.

As part of the settlement, Target also agreed to hire an executive to manage an information security program, as well as advise its chief executive and board, according to CFO.

In a statement released on the matter, California Attorney General Xavier Becerra said that this should “send a strong message to other companies: You are responsible for protecting your customers’ personal information.”