Following 2013 Mega-Breach, Retailer Agrees to Pay Recording-Setting Fine
Target has reached a record settlement agreement with many states’ attorneys general over its 2013 data breach. The breach resulted in 41 million customers’ payment card details being compromised and contact information for more than 60 million customers being exposed.
Under the terms of the settlement agreement “into the security incident announced by Target on Dec. 19, 2013,” reached with the attorneys general of 47 states and the District of Columbia, Target will pay a fine of $18.5 million. The money will be dispersed among the states in amounts that the attorneys general have collectively agreed upon.
Per the agreement, the retailer must also comply with specific cybersecurity, auditing and reporting requirements. “[The] settlement with Target establishes industry standards for companies that process payment cards and maintain secure information about their customers,” Illinois Attorney General Lisa Madigan says in a statement. “People must remain vigilant about activity on their credit and debit cards as it’s not a matter of if but when you are going to be a victim of identity theft or a security breach.