Target has agreed to pay $39.4 million to resolve claims by banks and credit unions that are said to have lost money because of the retailer’s notorious 2013 data breach.
The settlement filed on Wednesday with the federal courts in St. Paul, Minnesota resolves class-action claims by financial institutions holding Target accountable for their costs to reimburse fraudulent charges and issue new debit & credit cards to cardholders.
Target has said that at least 40 million credit cards were compromised during this breach and that up to 110 million people may have had personal information like email addresses and phone numbers compromised as well.
Wednesday’s settlement requires Target to pay as much as $20.25 million to credit unions and financial institutions and $19.11 million to reimburse MasterCard card issuers. This settlement covers all financial firms that issue payment cards put at risk by the breach and who did not previously release claims against the retailer.
Since this notorious data breach, Target has taken huge steps to avoid such a situation from happening again. In fact, Target is the first U.S. retailer to install microchip enabled card readers at all stores. While the damage done by the breach is exponential and impacts millions of individuals, it’s important to note that steps to better protect consumers personal information and credit credentials are being taken.
Companies can no longer be ignorant to the fact that they could very well be the next victim of a data breach and can learn from corporations like Target and Home Depot that are experiencing the financial & legal consequences that come with suffering from a data breach. Security is constantly evolving and staying up the date with the latest threats that could impact your organization could put you one step ahead and could be the difference between a massive data breach and an easy fix.
For example, the Target & Home Depot data breaches could have been easily avoided by implementing a hardened build standard with precision change detection (the PCI DSS recommends using the CIS Benchmarks as the best hardening standard to adopt). Hardening coupled with breach detection technology (FIM-based Host Intrusion Detection system or HIDS), would ensure that, even if a breach was successful, at least you would be alerted to the issue immediately and be in a position to take action to prevent any card data loss.
The notion of security best practices have been established for a reason, and without them in place, breaches will continue to intensify and affect millions of people around the world. NNT’s Change Tracker Gen7 equips any organization with best in class Breach Detection & Prevention solutions like File Integrity Monitoring and Change & Configuration Management to help protect for consumers credentials and information from a possible data breach.