Business
Target settles data breach case for $18.5M
Target is paying the largest data breach settlement in history, with it due to pay $18.5 million for the November 2013 hacking of its servers.

Target agreed to pay $18.5M to more than 40 million of its customers, to settle a 2013 data breach lawsuit. It’s the largest ever settlement for a data breach case, covering victims across 47 US states and the District of Columbia.
According to a USA Today report, investigators said hackers breached the retail giant’s servers in November 2013, using credentials stolen from a third-party. The suspects then accessed a customer service database and grabbed confidential customer data: names and phone numbers, payment and credit card numbers, and email addresses.
Some 41 million customer payment accounts were affected by the breach, while the contact information of 60 million Target customers was also compromised.
Earlier, Target also agreed to pay $10,000 to consumers who prove they suffered losses as a result of the data breach. The company also offered free credit monitoring services to the victims. These were part of a $10 million settlement in 2015, for a class action lawsuit.

Target suffered a breach in its serves in 2013(Source)
In a statement, Connecticut Attorney General George Jepsen said the case should be a lesson to companies, for them to take data security policies and procedures more seriously. He said failure to do so exposes sensitive information to hackers. Jepsen had led the investigation along with Illinois counterpart Lisa Madigan.
On Tuesday, Target said it worked with state investigators to address claims related to the case. The Minneapolis-based company added, it is pleased that the case has been resolved. It also noted that the costs of the settlement are reflected in its liability reserves, that were disclosed previously.
Under the settlement, Target agreed to accomplish the following:
- develop, implement and maintain a data security program
- designate an employee or officer to oversee and execute the program;
- conduct a data security assessment through in independent expert;
- install and maintain security data software on its servers and networks.
The company also agreed to separate data of cardholders from the rest of its network; as well as to better control network access. This includes password rotation and two-factor authentication.

-
Biotech2 weeks ago
Vytrus Biotech Marks Historic 2024 with Sustainability Milestones and 35% Revenue Growth
-
Crypto6 days ago
Ripple Launches EVM Sidechain to Boost XRP in DeFi
-
Africa2 weeks ago
Côte d’Ivoire Unveils Ambitious Plan to Triple Oil Output and Double Gas Production by 2030
-
Impact Investing17 hours ago
Shein Fined €40 Million in France for Misleading Discounts and False Environmental Claims
You must be logged in to post a comment Login