Target has
agreed to pay MasterCard-issuing banks and credit unions as much as $19 million
to reimburse for losses related to the Holliday season 2013 hack that resulted
in up to 40 million accounts
being breached. For more information on data breach, see my previous blog
postings.
The settlement covers the costs of reissuing credit and debit
cards after the breach, as well as fraudulent charges on those cards. In order
for the agreement to proceed, at least 90% of eligible MasterCard issuers must acquiesce
to the settlement. The deadline to accept the offer is May 20th.
Target disclosed in a recent financial filing that it has incurred
$252 million of breach-related expenses.
Last month, Target also settled
a class-action lawsuit with individual cardholders for $10 million.
Target’s high-profile breach pushed banks, retailers and card companies
to increase security by speeding the adoption of microchips in U.S. credit and
debit cards. Some argue chip cards are safer, because unlike magnetic strip
cards that transfer a credit card number when they are swiped at a
point-of-sale terminal, chip cards use a one-time code that moves between the
chip and the retailer’s register. The result is a transfer of data that is useless
to anyone except the parties involved. Chip cards are also believed to be nearly
impossible to copy.