Target has reached a settlement with Visa in respect of claims arising from the cyber-attack against Target that was identified in December 2013, which exposed the personal information of millions of customers. This included the credit card information of an estimated 40 million customers.

Target will cover expenses that banks and other Visa card issuers incurred to address the fallout from the cyber-attack, including from cancelling and reissuing cards and dealing with fraudulent transactions. It is estimated that Target will pay up to $67 million under the agreement.

It is likely that Target will now try to resume settlement discussions with Mastercard. A previous settlement attempt in May this year fell through due to card issuers not supporting the deal.

However, a group of smaller institutions are continuing in their efforts to commence a class action against Target on account of losses they suffered from the breach incident, claiming that the Visa settlement does not fully reimburse them.

Settlements similar to that between Target and Visa are likely to be a relatively common occurrence in the aftermath of future data breach incidents where credit card information is stolen.