BUSINESS

Target To Pay $10 Million To Settle Lawsuit From Massive Data Breach

FILE - In this Friday, Nov. 28, 2014 file photo, a shopper pays for her purchases at a Target store in South Portland, Maine.
FILE - In this Friday, Nov. 28, 2014 file photo, a shopper pays for her purchases at a Target store in South Portland, Maine. Criminals stole personal information from tens of millions of Americans in data breaches last year. Of those affected, one in three became victims of identity theft, according to research firm Javelin. (AP Photo/Robert F. Bukaty, File)

WASHINGTON, March 18 (Reuters) - Target Corp has agreed to pay $10 million in a proposed settlement of a class-action lawsuit related to a huge 2013 data breach that consumers say compromised their personal financial information, court documents show.

Under the proposal, which requires federal court approval, Target will deposit the settlement amount into an interest bearing escrow account, to pay individual victims up to $10,000 in damages.

The claims will be submitted and processed primarily online through a dedicated website, according to the court documents.

The proposal also requires Target to adopt and implement data security measures such as appointing a chief information security officer and maintaining a written information security program.

"We are pleased to see the process moving forward and look forward to its resolution," said Target spokeswoman Molly Snyder.

CBS News, which earlier reported the settlement, said a court hearing on the proposed settlement was set for Thursday in St. Paul, Minnesota.

Target has said at least 40 million credit cards were compromised in the breach during the 2013 holiday shopping season and may have resulted in the theft of as many as 110 million people's personal information, such as email addresses and phone numbers.

A U.S. judge in December cleared the way for consumers to sue the retailer over the breach, rejecting Target's argument that the consumers lacked standing to sue because they could not establish any injury.

The case is In re: Target Corporation Customer Data Security Breach Litigation, U.S. District Court, District of Minnesota, No. 14-md-02522. (Reporting by Peter Cooney in Washington and Supriya Kurane in Bengaluru; Editing by Eric Walsh and Anupama Dwivedi)

HuffPost

BEFORE YOU GO

PHOTO GALLERY
Seven More Secure Alternatives To Passwords