Dive Brief:
-
Target and Visa Inc. have agreed to a settlement over the retailer’s massive 2013 credit-card breach, and the retailer is in similar talks with MasterCard, the companies said Tuesday.
-
It was widely reported Tuesday that under the agreement Target will pay some $67 million for costs associated with the breach, through the companies didn’t confirm that amount. MasterCard issuers earlier this year rejected a $19 million settlement.
-
Smaller financial institutions swiftly criticized the deal as secretive and potentially failing to make them whole. "This settlement may be a start but much more needs to be done to make credit unions whole," said Carrie Hunt, SVP of government affairs and general counsel at the National Association of Federal Credit Unions in a statement. "Credit unions deserve to be fully compensated for their losses.”
Dive Insight:
Smaller financial institutions and some cardholders may yet be unsatisfied. But, with this agreement, which involves thousands of financial institutions that issue Visa cards, and potentially another with MasterCard, Target goes a long way in putting its data breach debacle behind it. The reported dollar amount goes well above Target’s earlier settlement proposal to MasterCard of $19 million.
“We are prepared to resolve the matter on comparable economics with MasterCard and its customers,” Target said in a statement Tuesday.
And it was a debacle indeed, coming as it did at the holidays, at a time when some consumers were carefully considering their spending, if for more economic reasons.
The changes that the retailer has wrought since have gone well beyond IT management and data protections, although it has catered to that, most especially by elevating the issue to the top ranks. The company, under outsider CEO Brian Cornell, has largely busted through its putative insularity, with several new hires in the executive suite. Target, which for a while lagged in e-commerce, has stepped up its game there, too, introducing mobile technologies, including beacons, and fulfillment options like in-store pickup and lower free shipping minimums.
In any case, the consequences of 2013 breach aren’t over for the retailer, but they seem for the most part to be in the rear view.