“Target” to pay $18.5 million settlement for 2013 data breach
target data breach

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

“Target” to pay $18.5 million settlement for 2013 data breach

Target has agreed to pay out a whopping $18.5 million to U.S customers after a nationwide data breach.

Millions of customers had their personal information compromised back in 2013.

The data breach affected customers’ contact, account, and billing information. It’s believed that a total of 60 million customers were affected.

The 2013 data breach was carried out after hackers got into Target’s servers through a third party vendor. Once in, they managed to locate a customer database and release malicious software to extract information.

While 60 million had their contact information compromised, two thirds of the same customers also had debit and credit information lifted too.

Multiple legal actions

Enforcement agencies in 47 U.S. states and the District of Columbia all brought claims against the discount retailer for the colossal data breach. The multi-million dollar settlement is thought to be the largest multi-state settlement for a data breach to date.

The state of California, which is the U.S state with the largest population, received the largest portion of the settlement. Target agreed to pay $1.4 million to the state where 7,760,000 customers were affected. However, this sum will not be going to the customers themselves, and a separate $10 million lawsuit is being brought in connection to the data breach.

2015 settlement to banks and credit unions

In 2015, Target paid out just shy of $40 million to banks and credit unions who lost money through the data breach. The sum was also to cover the risks the banks may face as a result of the data breach.

The $18.5 million sum is only part of the settlement as Target also agreed to up their security by implementing a “comprehensive information security program”. In countries where there is comprehensive data protection legislation in place – like the U.S. and U.K. – companies and authorities have a legal responsibility to ensure any information they have access to, and keep in storage, is processed and maintained in a safe and secure way. Like sending a parcel to a recipient in another city, you would expect the postal service to keep the parcel safe at all times – not lose it or allow it to be stolen.

Enforcement for changes

An executive has been brought in to ensure Target implements and maintains the security program. As a first step, the major retailer will make sure information in the customer database is at least encrypted. This way, even if hacked, the information should be useless unless the hacker has the exact decryption key. An independent third party will also oversee the security measures to ensure Target are compliant.

Statement from Target

In a statement, Target said:

“We’ve been working closely with State Attorney Generals for several years to address claims related to Target’s 2013 data breach. We’re pleased to bring this issue to a resolution for everyone involved.”

Although a settlement has been reached, the issue has not come to a complete end. Unfortunately, when it comes to data breaches, the extent of leaked information often has no expiry date. Even thirty years down the line, criminals could still hold and spread stolen information. Affected consumers were therefore encouraged to change their passwords and remain vigilant of any suspicious behaviour.

Image Source:

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon