This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.

Freshfields Risk & Compliance

| less than a minute read
Reposted from Freshfields Technology Quotient

Target Settles Investigations into 2013 Cybersecurity Breach

The hack into Target's computers has spawned attention, law suits, and investigations.  Now, Target has put its state investigations behind it, by entering into a settlement with 47 states and the District of Columbia.  

The settlement highlights a few things that those doing business in the US should be mindful of:

1)  When you are dealing with data, you are dealing with a wide array of regulatory frameworks -- at least one per state.  So, when you have issues, you need to think of all 50 states, and the federal system.

2)  Fines for data-related breaches can be large -- Target agreed to pay $18.5 million.  Although sizable, this is not the largest fine ever imposed for a US data breach.  AT&T was fined $20 million in 2015, for instance.  

3)  The fine was not the only expense Target faced.  Target has settled one of its breach-related lawsuits for $39 million.  

Target has reached an $18.5 million settlement with 47 states and the District of Columbia to resolve the states’ investigation into the company’s 2013 data breach — the largest multistate data breach deal ever reached, according to a statement by multiple states’ attorneys general on Tuesday