2013 Data Breach Settlement is Costing Target $18.5 Million

Media Division | May 25, 2017

As mentioned previously in our blog posts, data breaches can have many further consequences than the immediate data and financial loss. A data breach costs the organization reputation and consumer trust, as well as further ramifications to the public affected. And many organizations that suffer data breaches can end up facing litigation against them as well. Such is the case with massive retailer Target, who is now having to dish out a $18.5 million settlement as a result of their huge breach a few years ago.

Initial Details of the Attack and Resultant Consequences

Back in 2013, Target had been hit by one of the largest retailer data breaches, and it resulted in up to 40 million shopper’s credit and debit cards, as well as 60 million individual’s contact information being compromised. It had affected those who had shopped at Target around the 2013 holiday season. The breach had occurred through cyber attackers accessing Target’s servers with credentials from a third party vendor, and they had then infected the system with malware and captured a wide range of information. A multistate investigation and lawsuit had been pursued against the retailer, and this resulted in a verdict of them having to pay out $18.5 million to 47 states, along with the District of Columbia. Each state is receiving varied amounts of payout, but they are all quite significant, with California receiving the largest amount of $1.4 million. Part of the settlement was that each state that received a payout will have to use it to cover legal and investigation costs, as well as for consumer education and consumer law enforcement protection funds. Target was also mandated to adopt further security measures to protect their customer data. Spokeswoman Jenna Reck has said that there is also a consumer class action lawsuit that is yet to be fully settled. She stated, “There is a class action settlement that is outstanding. We have reached an agreement but it hasn’t been legally finalized yet.”

This is not the only settlement that Target has had to pay out from the incident either. They had also had to pay a 10 million dollar settlement to a class action lawsuit back in 2015.  This settlement had also included paying up to $10,000 to individuals with evidence of losses from the breach. Target has stated that the accumulated total costs of the breach have been $202 million.

The Necessity of Data Breach Solutions

With potential consequences of a breach like the above, it is vital that organizations properly secure their data, as well as have mitigative data breach solutions in place. A single data breach can absolutely destroy an organization if it is not properly and rapidly addressed. And, when contracting with third-party vendors, an organization must thoroughly explore the third party security as well, with the above being proof of that. Even with a third party having been largely responsible for a breach, any organization affected as a result also holds responsibility for having not thoroughly vetted peripheral security. An organization must, of course, have all of the necessary security implements in place to protect data, as well as ensuring third party vendor security, but they must also have a mitigative plan in place in the event of a successful attack. Many attacks and breaches are able to cause further damage simply because an organization is not able to react quick enough, which allows the threat more time for its malicious purposes. Massive Alliance offers comprehensive data breach solutions that can help organizations to prevent and mitigate breaches and attacks.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.