Following the large data breach it suffered in 2013, American department store Target has agreed to pay out $10m in damages to consumers. Pending court approval of the deal, each claimant will get up to $10,000. Part of the settlement also requires the company to improve its data security and appoint a chief information security officer.
The Target hack saw at least 40 million credit cards compromised in the 2013 Christmas shopping season and may also have resulted in up to 110 million people having their personal information, email addresses and phone numbers stolen. In December 2014, a US judge allowed consumers to sue Target over the breach, even though Target had argued that the plaintiffs lacked standing because they could not show injury.
Court documents show that Target did not oppose the motion. The BBC reports that the company is expected to deposit the settlement into an interest bearing escrow account and that consumer claims will be submitted and processed mostly through a dedicated website.