Target is poised to settle a class-action lawsuit to victims of a massive data breach in 2013 by paying as much as $10 million as a settlement fund. The 97-page settlement states that each victim can receive up to $10,000 in damages if they are able to prove that they have experienced financial losses due to the breach.
The settlement seemed to have earned an agreement between Target and the legal representatives of the victims on March 9 and was later on submitted for the federal judge's approval on Wednesday. According to court documents, the settlement was reached as a result of "intensive mediated negotiations" which were overseen by a former Chief Magistrate Judge during the course of the class-action lawsuit filed against Target.
The massive data breach was revealed in 2013 during the holiday shopping season. At least 40 million credit cards were said to be compromised and may have cost as many as 110 million people their personal data such as email addresses and telephone numbers. Investigators of the case believe that the breach was done through an installed software on payment terminals which had been designed to read cards. Almost all of Target's 1,797 stores sprawled in the U.S. were affected by the breach, reaching damage costs of up to $148 million.
Apart from the financial side of the settlement, Target will also adopt new measures to enhance security. These include appointing an information security officer, maintaining a hard copy of its security program, maintaining a process to monitor for information security events, responding to such events which seemed determined to present a threat and providing security training to Target employees. Claims of the victims shall be submitted and processed using a dedicated website.
To be eligible for a portion of the settlement fund, a victim should be able submit proper and reasonable documentation proving that their losses were incurred from the Target data breach. Other information needed would be a clear proof that an actual harm was made.
Target is also required to pay attorney's fees and expenses. The company is not allowed to make an appeal on the requirement if the fees were not found to have exceeded $6.75 million.
The proposed settlement indicates that if the person shopped at Target between the dates of Nov. 27 and Dec. 18, 2013, or the person has been notified that his personal data had been compromised, he can be eligible to receive a portion of the $10 million settlement fund.
"We are pleased to see the process moving forward and look forward to its resolution,"saidTarget spokeswoman Molly Snyder.
Photo:
Jay Reed |Flickr