Judge OKs $10M settlement in Target data-breach suit

Associated Press

A Minnesota judge has endorsed a settlement in which Target Corp. will pay $10 million to settle a class-action lawsuit over a massive data breach in 2013.

U.S. District Judge Paul Magnuson said at a hearing Thursday in St. Paul, Minn., that he would grant preliminary approval of the settlement in a written order, probably later in the day. The move will allow people to begin filing claims ahead of another hearing for final approval, which he’ll conduct in late October or early November.

People affected by the breach can file for up to $10,000 with proof of their losses, including unauthorized charges, higher fees or interest rates, and lost time dealing with the problem.

“Target really needs to be commended for being willing to step up,” Judge Magnuson said.

Target’s data breach in 2013 exposed details of as many as 40 million credit- and debit-card accounts and hurt its holiday sales that year. The company offered free credit monitoring for affected customers and overhauled its security systems.

The settlement also would require Minneapolis-based Target to appoint a chief information-security officer, keep a written information- security program and offer security training to its workers. It would be required to maintain a process to monitor for data-security events and respond to such events deemed to present a threat.