Target agreed to pay $18.5M to more than 40 million of its customers, to settle a 2013 data breach lawsuit. It’s the largest ever settlement for a data breach case, covering victims across 47 US states and the District of Columbia.
According to a USA Today report, investigators said hackers breached the retail giant’s servers in November 2013, using credentials stolen from a third-party. The suspects then accessed a customer service database and grabbed confidential customer data: names and phone numbers, payment and credit card numbers, and email addresses.
Some 41 million customer payment accounts were affected by the breach, while the contact information of 60 million Target customers was also compromised.
Earlier, Target also agreed to pay $10,000 to consumers who prove they suffered losses as a result of the data breach. The company also offered free credit monitoring services to the victims. These were part of a $10 million settlement in 2015, for a class action lawsuit.
In a statement, Connecticut Attorney General George Jepsen said the case should be a lesson to companies, for them to take data security policies and procedures more seriously. He said failure to do so exposes sensitive information to hackers. Jepsen had led the investigation along with Illinois counterpart Lisa Madigan.
On Tuesday, Target said it worked with state investigators to address claims related to the case. The Minneapolis-based company added, it is pleased that the case has been resolved. It also noted that the costs of the settlement are reflected in its liability reserves, that were disclosed previously.
Under the settlement, Target agreed to accomplish the following:
- develop, implement and maintain a data security program
- designate an employee or officer to oversee and execute the program;
- conduct a data security assessment through in independent expert;
- install and maintain security data software on its servers and networks.
The company also agreed to separate data of cardholders from the rest of its network; as well as to better control network access. This includes password rotation and two-factor authentication.
N26 introduces penalty interest on balances over €50,000
N26 recently announced that will introduce a custodian fee of 0.5% on transactions over $59,000 (€50,000). Custodian fees in Germany...
Virtual reality in the classroom: How XRApplied is making it happen
A large body of research is making a case for the revolutionary benefits of putting AR and VR in the...
Two French laboratories announced investments recently
The French laboratory Pierre Fabre announced an investment of $5.3 million (€4.5 million) to produce the active ingredients for binimetinib...
Rritual builds mass market appeal for functional mushroom adaptogens: case study in health marketing
Marketing a product in any niche is tricky, but marketing a product beyond its niche is folly. Or brilliance. The...
Italy has classified CBD as a narcotic: CBD oils are to disappear from stores
Italy has just classified CBD as a narcotic. The decree is a threat to the entire cannabis industry in Italy,...
Featured7 days ago
B2B only: Spotcap sells credit business to Ferratum
Business7 days ago
Not all software IPOs are created equal
Featured7 days ago
Domestic demand versus export demand: which is better?
Cannabis6 days ago
What types of licenses for the production of cannabis will be granted in Ecuador