Financial institutions claiming exposure to Target's 2013 data breach are one step closer to collecting a $39 million settlement.
Judge Paul Magnuson of the U.S. District Court for the District of Minnesota approved the settlement, and Target will pay $20 million to a general settlement fund and about $19 million to a MasterCard-managed recovery fund.
Target will also pay about $19.9 million in attorneys' fees to the class counsel and will pay $100,000 total to the class representatives in a payout that’s separate from the settlement.
Target and the banks had been long squabbling over the size of the settlement, with financial institutions contending earlier offers didn't cover the potential exposure.
The new settlement is one of a series of payouts for the Minneapolis-based retailer, which suffered a massive security incident during the holiday season in 2013 that left millions of cards potentially exposed to web crooks.
It was the first of a series of breaches in among big box retailers over the past three years that have shaken confidence in the industry's security practices and provided a marketing pitch for e-commerce merchants. The incident also created a huge branding problem for Target, which became a patient zero for retail security vulnerability.
Target earlier settled class action cases with consumers for $10 million and Visa for $67 million. The retailer also invested about $100 million to accelerate its chip card migration.