Target Pays Largest Ever Data Breach Settlement


By: Amy C. Bender

Target has agreed to pay $18.5 million to settle claims by almost all 50 states – the largest multistate settlement and largest data breach settlement in history – arising from the 2013 incident where hackers accessed Target’s gateway server through credentials stolen from a third-party vendor and then used malware to acquire personal information from over 40 million credit and debit card accounts and contact information for more than 60 million customers. As part of the settlement, Target is required to adopt a comprehensive information security program, employ an executive to implement the changes, retain an independent third party to conduct a security assessment, and encrypt customer card and personal information, among other measures. Target separately has agreed to pay another $10 million settlement to consumers affected by the breach.

This is yet another cautionary tale of the pitfalls of a business failing to maintain and monitor effective data security measures. FMG’s Cyber team is available to help your organization be prepared for and respond to such an attack.