Target Corp. agreed to pay banks $19 million for costs they incurred in the 2013 data breach that exposed the payment-card and personal information of tens of millions of customers.
The estimated cost of the settlement is already reflected in breach-related liabilities the retailer established in its past two fiscal years, Minneapolis-based Target said Wednesday in a statement.
MasterCard Inc. would distribute Target’s funds to the banks that issue the network’s credit cards, and the money will help cover the cost of reissuing bank cards and any fraud that resulted from the breach. The settlement is conditioned on at least 90 percent of eligible MasterCard accounts accepting their recovery offers by May 20.
Target has estimated that hackers stole credit- and debit-card data, as well as personal information, for as many as 110 million customers during the 2013 holiday shopping season. The retailer last month agreed to pay $10 million to at least 70 million customers whose personal information may have been taken.