Big-Box Retailers Settle on Data Breaches

For big-box retailers Target and Home Depot, their widely publicized data breaches continue to be a topic of discussion, and both are coming to agreements to pay for the costly hacks to consumers’ information.

Target will pay about $39 million to banks and credit unions to resolve losses from the company’s 2013 holiday-season data breach, according to Bloomberg Business.  The article adds that “financial institutions sued the Minneapolis-based retailer to recover an estimated $200 million in losses stemming from the hack.”

According to Target spokeswoman Molly Snyder, the retailer is “pleased that the process is continuing to move forward.”

Additionally, Home Depot has just reached a contingent settlement with MasterCard International Inc. over the home improvement chain’s massive 2014 data breach. The deal was disclosed Nov. 30 in court filings in federal court in Atlanta. Details about the terms of the settlement are not included in court filings, according to the Atlanta Business Chronicle. 

Settlement negotiations between retailers and banks over the coverage of losses from data breaches have been complicated by payment card firms that step in to cut their own losses, the Bloomberg Business article says. Lawyers for the banks in the Target case criticized attempts by card firms Visa Inc. and MasterCard Inc. to negotiate separate settlements with their clients and the retailer outside of the litigation, according to the article.

The National Association of Federal Credit Unions says more needs to be done by policy makers to address the costs of breaches, and the group says “retailers should be required to adopt ‘national data security standards’ and be held ‘directly accountable for their data breaches,'” according to the Bloomberg Business article.