MINNEAPOLIS, Minn.—Financial institutions may be close to getting money from Target for costs associated with the massive 2013 data breach.
According to news reports, Target is nearing a settlement with MasterCard to reimburse financial institutions about $20 million.
If the settlement happens, it could be as soon as this week, and comes after lengthy negotiations.
The Target breach is estimated to have exposed information on 40 million payment cards and personal information on 110 million people. The settlement would cover costs that banks and CUs incurred to reissue credit cards and debit cards as a result of the breach, as well as some of the fraud that resulted from the exposure of customer information, reports indicated.
Reimbursed funds will be distributed by MasterCard to the financial institutions that issue credit cards and debit cards under its brand, including Citigroup Inc., Capital One Financial and J.P. Morgan Chase, reports said. The settlement does not include banks or CUs that issue under the Visa brand. Target is negotiating separately with Visa.
NAFCU President and CEO Dan Berger said the trade association was hoping for a larger settlement figure.
“NAFCU has been in regular contact with MasterCard and VISA on data breaches as well as other payment issues,” said Berger in a release. “While we appreciate that the settlement attempts to hold Target somewhat accountable, we were hoping it would be more than just pennies on the dollar. We believe that this demonstrates the reason why Congress must act to protect consumers’ financial information by enacting stronger standards and holding retailers and merchants directly accountable for their data breaches.”
Target has also proposed paying customers affected by its 2013 data breach as much as $10,000 in damages.