Target in $39.4 million settlement with banks over data breach
By Jonathan Stempel and Nandita Bose
(Reuters) - Target Corp has agreed to pay $39.4 million to resolve claims by banks and credit unions that said they lost money because of the retailer's late 2013 data breach.
The settlement filed on Wednesday resolves class-action claims by lenders seeking to hold Target responsible for their costs to reimburse fraudulent charges and issue new credit and debit cards.
Target previously said at least 40 million credit cards were compromised in the breach, and that as many as 110 million people may have suffered the theft of personal information such as email addresses and phone numbers. A Target spokeswoman said on Wednesday that 70 million people may have lost personal data.
The Minneapolis-based retailer has taken steps to avoid a recurrence, including being among the first U.S. retailers to install microchip-enabled card readers at all stores.
Wednesday's settlement calls for Target to pay as much as $20.25 million to banks and credit unions, and $19.11 million to reimburse MasterCard Inc card issuers.
Target reached a similar accord with MasterCard in April, but it was rejected the next month when card issuers deemed the sum too low.
The settlement won preliminary approval from U.S. District Judge Paul Magnuson in St. Paul, Minnesota, who called it "fair, reasonable and adequate," court records showed. A hearing on final approval was scheduled for May 10, 2016.