NEW YORK – Target has proposed to pay $10 million to settle a class-action lawsuit brought against it following a massive data breach in 2013.
The retailer says in court documents filed in Minnesota that the funds will be kept in an interest bearing escrow account, with individuals affected by the breach able to be reimbursed up to a maximum of $10,000.
Claims will mostly be submitted and processed online through a dedicated website.
The proposed settlement also requires Minneapolis-based Target Corp. to appoint a chief information security officer, keep a written information security program and offer security training to its workers.
It must also maintain a process to monitor for data security events and respond to such events deemed to present a threat.
© 2015 The Canadian Press