Target, MasterCard settle over data breach

Target will fund $19 million so MasterCard can settle complaints related to the 2013 data breach at the retailer.

Target and MasterCard have settled on a fund so the credit card issuer can pay its customers over the retailer's 2013 data breach.

Special Feature

Security and Privacy: New Challenges

As big data, the IoT, and social media spread their wings, they bring new challenges to information security and user privacy.

Read More

In a statement, Target said that it will fund up to $19 million in pre-tax alternative recovery payments, which are offers MasterCard will make to its customers affected by the data breach.

MasterCard has to help its bank and credit union partners settle claims from the data breach. The settlement with Target and MasterCard revolves around at least 90 percent of eligible credit card accounts accepting settlement offers. These settlements will either come directly from MasterCard or card issuing banks.

The costs are already reflected in Target's outlook for data breach liabilities.

Cost of a data breach: 58 cents per record, says Verizon

Target will make the $19 million payment by the end of the second quarter. Should MasterCard issues not accept the settlement offers, Target maintained that it will "defend itself vigorously."

Both MasterCard and Target are hoping most data breach victims will take the deal. Eileen Simon, chief franchise integrity officer at MasterCard, said in a statement:

We believe this settlement provides our issuers a reasonable resolution of the Target data breach event. The timely reimbursement of costs and losses under the agreement delivers MasterCard issuers a faster and more certain resolution to the event, while reinforcing our commitment to maintain the integrity of industry security standards.