Target Corp. has agreed to pay more than $39 million to resolve class-action claims from financial lenders that suffered losses after the company’s massive data breach in late 2013. The Minneapolis-based retailer was a victim of a criminal attack in December of that year, the result of which compromised the personal information and credit card numbers of millions of customers. The settlement, which is the most recent resolution in a string of several faced by the retailer, received preliminary approval by the U.S. District Court in Minnesota and will be finalized in 2016.
Plaintiffs in the lawsuit argued that Target did not adequately protect their personal data and that the retailer delayed announcing the breach for too long. Target has now taken steps to avoid a recurrence of the issue and is one of the first U.S. retailers to implement the new, more secure microchip-enabled payment technology at all of their stores. (However, point-of-sale microchip technology does not protect against all types of retail fraud; see our recent article “Employees Must Prepare for New Types of Credit Card Fraud” for more information.)
The recent $39 million settlement to banks, credit unions, and MasterCard Inc. card issuers is not the first data breach-related settlement faced by Target this year. A $67 million payout to Visa card issuers in August and a $10 million payout to resolve a class-action lawsuit with consumers in March also cost the retailer as a result of the data breach. And the story’s not over yet: The company still faces shareholder lawsuits and investigations by the Federal Trade Commission.
A statement issued by the National Association of Federal Credit Unions (NAFCU) called for retailers to be financially accountable for data breaches and exhorted Congress to take additional steps to protect consumers. “In the two years since Target’s huge data breach, consumers are still extremely vulnerable to cybercriminals during yet another holiday shopping season,” said Senior Vice President of Government Affairs and General Counsel Carrie Hunt. “We continue to urge Congress to protect consumers’ financial information by enacting national data security standards for retailers and holding them directly accountable for their data breaches.”