MINNEAPOLIS—A federal judge has given a preliminary OK to a $10-million settlement of a consolidated class action lawsuit filed on behalf of consumers affected by the 2013 Target data breach.
The proposed settlement is only for people who can prove damage; it does not provide any funds for financial institutions and the costs they incurred. The ruling by U.S. District Judge Paul Magnuson is in follow-up to an early settlement proposal by Target and attorneys for the plaintiffs. It includes a provision for Target to an additional $6.75 million in plaintiffs’ attorneys fees and expenses. Target has reported spending $162 million to date on breach-related expenses, minus that which has been covered by insurance. The company currently has approximately $2.2 billion in cash.
In the massive Target breach, payment data from approximately 42 million customers was stolen over the 2013 holidays through malware installed on POS terminals. In addition, other information such as e-mail addresses was stolen for approximately 60 million people.
Under the just-approved settlement, Target is placing $10 million in escrow for the class action suit settlement that would pay victims up to $10,000 each provided they can document their losses. The $10 million would not ever revert to Target. The current agreement calls for setting up a website to handle any claims.
In the wake of the earlier announcement of a potential settlement, CUNA CEO Jim Nussle issued a statement saying, “It shouldn’t take a court-approved settlement for Target to provide basic security measures to protect American consumers from data breaches. For 15 months, credit unions and their members have been pushed to the backburner waiting to be reimbursed for over $30 million lost, at no fault of their own, due to Target’s failure to safeguard the data of its customers. Credit unions continue to protect their members as a result of merchant data breaches – and there’s no end in sight. It’s high time for merchants to be held to the same standards as financial institutions to ensure all consumers’ private information is protected.”