Target Corp. reached an agreement with MasterCard Worldwide issuers on Dec. 2, 2015: the Minneapolis-based retailer will award as much as $39 million to U.S. MasterCard-issuing banks adversely affected by the massive data breach Target experienced in December 2013. This exceeds a previous offer of $19 million to MasterCard issuers disclosed in April 2015. Eligible issuers had until May 20, 2015 to respond to individual settlement offers.
A group of small banks opposing the initial settlement included Mutual Bank in Whitman, Mass.; Village Bank in St. Francis, Minn.; CSE Federal Credit Union in Lake Charles, La.; First Federal Savings of Lorain in Lorain, Ohio; and Umpqua Bank in Roseburg, Ore. Litigants claimed the offer insufficiently addressed expenses related to the breach that hit Target at the height of the 2013 holiday period.
Plaintiffs further noted that small financial institutions lack the infrastructure and economies of scale to absorb expenses related to data breaches. These costs can include payment card reissuance, help desk services and up to a year of free credit monitoring for potentially affected account holders.
Settlement terms, which call for Target to pay up to $20.25 million in damages to affected banks and credit unions and up to $19.11 million in reimbursement to banks and credit unions, are subject to approval pending a May 10, 2016, final hearing in Minnesota District Court.
Presiding Judge Paul A. Magnuson has ruled in other cases brought against Target by consumers, U.S. card issuing banks and credit unions in response to the 2013 data breach. Magnuson's approval of punitive actions against the retailer reflect Minnesota's policy of punishing companies that fail to secure consumers' credit and debit card information. The case sets a new precedent for retailer liability, analysts said.
"An estimated [annual, global] cost of $1.8 billion in fraudulent credit card transactions is a heavy burden for the retail market to bear," said James Harris of Volumatic, a U.K.-based cash-handling equipment manufacturer. "If retailers' estimates of online sales growth are correct, from an average of 6 percent of total sales to a figure of 15 percent in North America, then this cost to retailers (which is ultimately borne by consumers) is going to grow exponentially."
In a separate August 2015 settlement, Target agreed to pay up to $67 million to Visa Inc. issuers. A Target spokeswoman said the company has paid approximately $290 million in damages resulting from the data breach. She added that the breach may have compromised as many as 40 million credit and debit card accounts, impacting up to 110 million consumers.
Consumers who participated in a class action lawsuit and provided documented proof that their accounts had been compromised will be among the first to receive their settlements. Remaining settlement funds will be evenly disbursed among participating members who did not submit proof of damages.
In November 2015, Target stated it plans to close 13 stores in 11 states, including Arizona, California, Florida, Indiana, Iowa, Kentucky, Michigan, Minnesota, Ohio, Texas and Wisconsin.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next