Target has proposed a $ 10 million settlement to a class-action lawsuit brought against it by consumers affected by the infamous credit card data breach of 2013. The settlement, if it’s approved, could offer affected consumers up to $ 10,000 each. (Most people are likely to receive far less than that; $ 10,000 is just the maximum.)
The data breach was said to have affected 40 million credit cards when hackers were able to infect the point-of-sale systems at most of the company’s 1,934 stores in the United States. As many as 110 million people had other information, such as their email addresses and phone numbers, stolen as a result of the data breach.
Consumers aren’t the only ones who will be allowed to sue Target over the breach. A judge ruled in December 2014 that banks could seek reimbursement from the company for the costs associated with replacing so many consumers’ credit cards. The ruling could convince companies that data breaches shouldn’t be taken lightly.
Those suits might cost much more than this one: According to the New York Times, banks spent a collective $ 400 million in their response to Target’s data breach. And because the company ignored warnings about its security problems, the judge ruled that it could be held responsible for the damages incurred in the breach’s aftermath.
Data breaches are becoming increasingly common. Everyone from the Home Depot to PF Chang’s has suffered hacks of varying severity. Target is simply the most high-profile of these attacks; other companies could face similar suits in the future.
A hearing concerning the proposed settlement is scheduled for today. This post will be updated when the government decides if it will accept or reject Target’s proposal.
[illustration by Brad Jonas]