Filed earlier this month, the settlement ends class-action claims by lenders seeking to hold Target responsible for money it had to pay out in reimbursements for fraudulent charges as well as costs in issuing new credit and debit cards.
An estimated 40 million people were affected by the breach, according to Target, with possibly as many as 110 million having had their personal information — such as email addresses and phone numbers — stolen and as many as 70 million having had their personal data hacked.
In an effort to stop another breach from happening, Target says it has enacted measures such as being one of the first retailers in the country to install microchip card readers in all of its locations.
The terms of the settlement call for Target to pay banks and credit unions just over $20 million and some $19 million in reimbursement to MasterCard issuers.
A similar deal was reached in April between Target and MasterCard, but that agreement was scuttled when card issuers rejected the sum as inadequate.
The settlement won preliminary approval from U.S. District Judge Paul Magnuson in St. Paul, who called it “fair, reasonable and adequate,” court records showed. A hearing on final approval was scheduled for May 10, 2016.
The news of the Target settlement comes on the heals of other major breaches, which have included hacks into Home Depot, JPMorgan Chase, eBay and the insurance company Anthem.