Banks To Judge: Stop The Target/MasterCard Settlement

Some of the banks and credit unions whose customers’ MasterCard payment cards were compromised in Target’s huge 2013 data breach are trying to stop a proposed $19 million settlement between the retailer and the card brand, Reuters reported.

Lawyers for the financial institutions filed a motion on Tuesday (April 21), asking a federal judge in St. Paul, Minnesota, to block the settlement, which they said was actually aimed at preventing the card issuers from suing Target for their costs in recovering from the breach. The judge will hear the motion on Monday (April 27).

“The agreement between Target and MasterCard is nothing more than an attempt by Target to avoid fully reimbursing financial institutions for losses they suffered due to one of the largest data breaches in U.S. history,” Charles Zimmerman, the co-lead attorney for the banks and credit unions, said in a prepared statement. “It provides paltry restitution for the substantial losses suffered. This sweetheart deal for Target was negotiated without involvement of the court or the legal representatives of the impacted financial institutions.”

Target didn’t offer Reuters a comment on the card-issuers’ action. But the fourth-largest U.S. retailer has previously said the settlement with MasterCard would cover banks’ costs to reissue credit and debit cards affected by the data breach. The plan requires acceptance by issuers of 90 percent of the affected cards no later than May 20, and would make payments to banks by the end of June.

Target reported in 2013 that at least 40 million payment cards were compromised by the breach during November and December that year, and the compromise might also have resulted in the theft of personal information on as many as 110 million people.

MasterCard represents just over 25 percent of payment cards issued in the U.S., according to data from the Nilson Report. That suggests that the $19 million settlement would cover more than 10 million of the cards affected by the Target breach.