NEW YORK (AP) - Target has reached a deal to pay up to $67 million to settle Visa claims related to a massive 2013 data breach that resulted in the theft of millions of debit and credit card numbers.
Target Corp. and Visa Inc. confirmed the agreement Tuesday, but wouldn't put a dollar amount on the deal. A person familiar with the situation said the agreement is worth up to approximately $67 million in pre-tax payments to Visa and the financial institutions that issued the potentially affected cards.
The breach of Target's computer systems compromised 40 million credit and debit card accounts. The hackers also stole the personal information, including names and addresses, of as many as 70 million people, putting them at risk of identity theft.
Unlike a $19 million agreement between Target and MasterCard Inc. that fell apart in May, this deal isn't in danger of failing due to a lack of support from affected banks and credit unions.
The Minneapolis retailer said Tuesday that the issuers of a majority of the cards compromised in the breach have entered into direct settlements with Target and Visa, giving the two companies the green light to make a larger deal.
Charles Zimmerman, a lawyer for a group of banks that are suing Target over breach-related losses, called the settlement another attempt by the retailer to avoid fully reimbursing card issuers. His group is asking for class-action status and has a hearing scheduled for Sept. 10.
Target disclosed the breach on Dec. 19, 2013, the peak of the holiday shopping season. Shoppers, fearing for the security of their private data, avoided Target stores. The fallout negatively affected sales for months.
The breach was a major factor behind the abrupt departure of its CEO Gregg Steinhafel last year.
The incident pushed banks, retailers and card companies to speed the adoption of microchips in U.S. credit and debit cards. Chip cards are safer because, unlike magnetic strip cards that transfer a credit card number when they are swiped at a point-of-sale terminal, they use a one-time code that moves between the chip and the register. The result is a transfer of data that is useless to anyone except the parties involved. Chip cards are also nearly impossible to copy, experts say.
Target overhauled some of its divisions that handle security and technology. The company has also been upgrading its cash registers so they can accept chip cards in its nearly 1,800 stores.