Target Settles Data Breach Suit

The U.S. District Court in St. Paul, Minn. has approved Target Corp.’s (Minneapolis) $10 million offer to settle a class action lawsuit stemming from its 2013 data breach, according to The New York Times. The security breach exposed details of as many as 40 million credit and debit card accounts.

Customers may file claims of up to $10,000 with proof of their losses, including unauthorized charges, higher fees or interest rates, and lost time dealing with the problem. An estimated 100 million people may be eligible. After those claims are paid, remaining settlement funds will be divided among consumers claiming undocumented losses.

Under the terms of the settlement, Target will appoint a chief information security officer, maintain a written information security program and provide security training for staff. Target will also institute a process to monitor for future breaches and a system to respond potential threats.