Target to Pay $18.5 Million in Data Breach Settlement

Target has agreed to pay $18.5 million to settle claims made by 47 states and the District of Columbia to resolve a multi-state investigation into the retailer’s massive data breach in late 2013, CNBC reports. The investigation, which was led by the Attorneys General of Illinois and Connecticut, discovered that the cyber attackers had accessed Target’s gateway server through credentials that were stolen from a third-party vendor. This was arguably one of the biggest data breaches to hit a U.S. retailer.

Target had reported that hackers pilfered data from up to 40 million credit and debit cards of shoppers who visited its store during the 2013 holiday shopping season. California will get more than $1.4 million from this settlement, the largest slice of the pie. The costs associated with the settlement are already reflected in the data breach liability reserves that Target has previously recognized and disclosed, the company announced in a statement. Target has also put the total cost of the data breach at $202 million. The retailer has settled with the states and financial institutions, but has yet to finalize a settlement on a pending consumer class action lawsuit.

Settlement Details

As part of this settlement with the states, Target is required to adopt advanced measures to secure consumer information. This includes employing an executive whose job is to primarily oversee a comprehensive security program and advise its CEO and the board. Under this agreement, Target is also required to hire an independent, third party to conduct a comprehensive security assessment and encrypt or otherwise protect card information to make it useless if stolen.

The Reality of Data Breaches

Data breaches are more common than they’ve ever been. This is obviously because almost all of our personal information is stored digitally. The number of U.S. data breaches tracked in 2016 hit an all-time record high of 1,093, according to a report recently released by the Identity Theft Resource Center and Cyberscout. This represents a substantial hike of 40 percent of the near record high of 780 reported in 2015.

Since 2005, the ITRC has been identifying data breaches in five industry sectors. In 2016, the business sector again topped the list in the number of data breach incidents, with 494 reported, representing 45.2 percent of the overall number of breaches. This was followed by the healthcare/medical industry (377 incidents), representing 34.5 percent of the overall total. The education sector (98) followed at 9 percent, the government/military (72) at 6.6 percent and the banking/credit /financial sector (52) at 4.8 percent.

How Can You Protect Yourself?

There is no question that millions of consumers in the United States have already had their personal information compromised in these data breaches. That includes the loss or theft of such sensitive data as credit card and debit card numbers (and their expiration dates), Social Security numbers and health records. You may feel helpless in the aftermath of a massive data breach such as the one that affected Target. However, there are many steps you can take to protect yourself and prepare for the worst. A groundbreaking California state law was the first to require companies to notify consumers about security data breaches. Consumers are better off for it because they now know what types of steps they need to take if their critical data has been stolen. Here are a few tips to avoid falling victim to a data breach or to defend your already compromised information.

Be vigilant, but there is no cause for panic. Most instances of data breach don’t actually result in identity theft. As long as you are paying attention to charges on your bank and credit card accounts, there is no liability or real harm. So, as long as you are paying attention, there is no reason to despair, even if you have been the victim of a massive data breach.

If you have suffered losses as the result of a data breach, you may be able to join a class action lawsuit seeking compensation and to hold the at-fault corporations accountable. If you are the victim of a data breach and/or identity fraud, contact an experienced California consumer law firm that can help protect your rights and hold the at-fault parties liable.

Consumer News

Latest blogs

beach body lawsuit
25 September

Beachbody to Pay $3.6 Million Penalty in Consumer Protection Case

Beachbody, which is one of the world’s largest sellers of exercise videos, supplements and weight loss programs, will not only pay $3.6... (Read more)

target class action
27 July

Target to Pay $18.5 Million in Data Breach Settlement

Target has agreed to pay $18.5 million to settle claims made by 47 states and the District of Columbia to resolve a... (Read more)

Tesla class action lawsuit
7 June

Tesla Faces Class Action Lawsuit Over Defective Autopilot Software

Tesla is facing its first U.S. legal challenge over semi-autonomous technology in a consumer class action lawsuit accusing the electric carmaker of... (Read more)

Not Sure If You Have A Case?

Our Consumer Protection Lawyers Can Help

  • Former president of the Orange County Trial Lawyers Association
  • Has recovered hundreds of millions of dollars
  • Distinguished “Multimillion Dollar Advocate”
  • Distinguished “Super Lawyer”
  • 10 out of 10 attorney rating by AVVO


Ghazala D

From the very beginning, Scott was nothing but kind and courteous, and he explained each step of the legal process and answered all of my questions with patience. My case was handled with smooth precision, and I was very happy with the results. I definitely recommend The Cooper Law Firm!

Brittany K

The Cooper Law Firm was great! I had 2 experiences with them and it was easy and hassle free and also took up very little of my time. My outcomes were great with both cases. Everyone at the office was very nice and helpful as well.