(Reuters) - Target Corp is nearing a settlement with MasterCard Inc to reimburse financial institutions about $20 million for costs incurred from the retailer’s massive data breach in 2013, the Wall Street Journal reported.
The deal, which comes after months of negotiations, could be announced as soon as this week, according to the Journal, citing people familiar with the terms of negotiations.
The $20 million covers costs that banks incurred to reissue credit cards and debit cards as a result of the breach, as well as some of the fraud that resulted from the exposure of customer information, the newspaper said.
In 2013, Target said at least 40 million credit cards were compromised by the breach during the holiday shopping season, and the attack might have resulted in the theft of personal information, such as email addresses and telephone numbers, from as many as 110 million people.
MasterCard will distribute the reimbursed funds to the financial institutions that issue credit cards and debit cards under its brand, including Citigroup Inc, Capital One Financial Corp and J.P. Morgan Chase & Co, the Journal said.
The Target settlement does not include financial institutions that issue under the Visa Inc brand. Target is negotiating separately with Visa, the report said.
In March, according to court documents, Target agreed to pay $10 million in a proposed settlement of a class-action lawsuit related to the data breach.
“We’ve seen the same story, but we do not comment on speculation,” MasterCard said when asked about the Journal’s report.
Visa were not available for comment, and a Target spokesperson said the company has not made any announcements and had no comment on the matter.
Reporting by Sai Sachin R and Sneha Banerjee in Bengaluru. Editing by Andre Grenon