Most U.S. states signed off Tuesday on a settlement with Target in connection with a massive data breach, and Maryland is among them.
The big box retailer agreed to pay $18.5 million in connection with the 2013 breach, which affected 41 million customer payment card accounts and exposed the contact info of 60 million customers. The data exposed included names, addresses and credit card info including encrypted debit PINs. It’s the largest settlement of its kind to be reached by multiple states.
In all, 46 states and D.C. will receive payouts. Maryland will get more than $600,000, according to the Daily Record.
“As a result of this settlement agreement, Target will bolster its security to prevent future data breaches,” Maryland Attorney General Brian Frosh said in a statement. “Maryland consumers should remain vigilant in protecting their personal information and take necessary steps if their identities have been stolen.”
The attackers behind the breach exploited multiple security weaknesses to access a customer service database and install malware, according to the settlement. Along with money, Target will have to bring in a third party to assess the company’s info security, and put an executive in charge of implementing a plan to improve. Target is also required to put steps in place from segmenting cardholder data from the rest of the network, to ensure that passwords have two-factor authentication.
Before you go...
To keep our site paywall-free, we’re launching a campaign to raise $25,000 by the end of the year. We believe information about entrepreneurs and tech should be accessible to everyone and your support helps make that happen, because journalism costs money.
Can we count on you? Your contribution to the Technical.ly Journalism Fund is tax-deductible.
Join our growing Slack community
Join 5,000 tech professionals and entrepreneurs in our community Slack today!
