Target Reaches Settlement With Visa Over 2013 Data Breach
August 18 2015 - 1:40PM
Dow Jones News
Target Corp. reached an agreement with Visa Inc. that will
reimburse card issuers as much as $67 million for costs incurred by
the retailer's massive data breach during the 2013 holiday shopping
season, according to people familiar with the situation.
The deal, which came after months of negotiations, covers credit
cards and debit cards issued by thousands of financial institutions
under the Visa brand.
The two companies confirmed that they struck a deal, although
they didn't disclose the amount that would be paid in the
settlement.
Target's breach was one of the largest in recent years, exposing
40 million credit and debit cards to fraud and causing an unknown
amount of losses to card-issuing banks.
The exact amount of fraud that resulted from the Target breach
still isn't known. Trade groups representing community banks and
credit unions estimate that they have spent more than $350 million
to reissue credit and debit cards and deal with other issues
related to the Target breach and a subsequent hacking at Home Depot
Inc.
Target said it was pleased with the deal. Visa said "this
agreement attempts to put this event behind us" as it concentrates
on shifting consumers to more secure payments.
The pact comes two months after issuers unexpectedly rejected a
$19 million settlement that Target had negotiated with MasterCard
Inc. That deal, reached in April, required the approval of 90% of
banks representing cardholder accounts that were affected by the
breach.
The Visa deal appears to have more certainty, however, because
Target said that it has already received support from Visa's
largest card issuers.
Card issuers have long complained about the process by which
they are reimbursed for data breaches and the fraud that results
from them. They say that the reimbursement doesn't begin to cover
the costs associated with issuing new cards and adding more
call-center staff to handle customer questions.
People familiar with the settlement said that the amount being
paid by Target includes the maximum amount that is laid out in
Visa's regulations.
Target is also dangling an incentive to issuers that will
reimburse them for any fraud that stemmed from certain debit-card
transactions as long as those issuers agree not to sue the
retailer. Those transactions cover debit cards that are branded by
Visa, but are routed over other networks, these people said.
The maximum amount to be paid by Target under both scenarios is
$67 million.
Target said the costs of the settlement were already reflected
in its previously reported fiscal 2013 and 2014 results.
While cardholders aren't responsible for unauthorized purchases,
lenders are on the hook to cover the cost of fraud and expense of
reissuing cards when a breach occurs. MasterCard and Visa typically
negotiate with the breached entities to recover losses for their
card-issuing banks.
"Nevertheless, the fact remains that data breaches are an
unfortunate situation for all parties involved—especially
consumers," Visa said.
Write to Robin Sidel at robin.sidel@wsj.com
Subscribe to WSJ: http://online.wsj.com?mod=djnwires
(END) Dow Jones Newswires
August 18, 2015 13:25 ET (17:25 GMT)
Copyright (c) 2015 Dow Jones & Company, Inc.
Target (NYSE:TGT)
Historical Stock Chart
From Mar 2024 to Apr 2024
Target (NYSE:TGT)
Historical Stock Chart
From Apr 2023 to Apr 2024