Target is close to reaching a $20 million settlement with MasterCard to reimburse financial institutions for costs they incurred from the retailer's massive data breach in 2013.
By Robin Sidel, WSJ
Updated April 14, 2015 7:03 p.m. ET
Target Corp. is close to reaching a settlement with MasterCard Inc. to reimburse financial institutions roughly $20 million for costs they incurred from the retailer's massive data breach in 2013, according to people familiar with the negotiations.
The deal, which could be announced as soon as this week, comes after months of negotiations, these people said. The $20 million covers costs that banks incurred to reissue credit cards and debit cards as a result of the breach, as well as some of the fraud that resulted from the exposure of customer information, these people said.
The payout would be roughly the same as TJX Cos. paid to MasterCard issuers in 2008 for a data breach that exposed more than 100 million cards to fraud. TJX is the parent of discount retailer TJ Maxx and other chain stores.
The settlement underscores the ongoing financial costs that are associated with a wave of data breaches that have exposed hundreds of millions of Americans to fraud over the past year. Target disclosed in a recent financial filing that it has incurred $252 million of breach-related expenses.
Target's breach, in particular, rattled consumers because it occurred during the winter holiday shopping season. The breach compromised 40 million credit and debit card accounts.
The breach also set off a frenzy among card-issuing financial institutions as they scrambled to send new cards to customers. Some took the unusual step of reissuing cards en masse even if no fraudulent activity had been detected. It also led to renewed calls for merchants to upgrade their terminals at the checkout line to accept cards that are embedded with a computer chip that are more difficult for thieves to replicate. Target has since upgraded its stores to accept the more secure cards that are now being issued by financial institutions.
Other merchants are also upgrading their equipment ahead of an October deadline that will shift fraud liability from banks to merchants under certain circumstances. Some merchants are saying, however, they won't be able to meet the deadline.