Today, Target and a class of banks that issued credit cards that were compromised in the Target data breach announced they have reached a $39.4 million settlement.

Up to $20,250,000 of the settlement will go to a Settlement Escrow Account for the class members.  The class of banks covered by the settlement includes “entities in the United States and its Territories that (i) issued Compromised Payment Cards and (ii) have not previously released Target with respect to all of the Compromised Payment Cards that they issued.”  To recover from this account, card issuers will have the option of (a) receiving at least $1.50 per compromised payment card, above any amount they receive from Master Card’s or Visa’s recovery programs; or (b) receiving at least 60% of their total fraud, reissuance and other costs, less money received through a network recovery program.  The remaining $19,107,939.38 will be disbursed to MasterCard’s Account Data Compromise (“ADC”) recovery program.

Target also agreed to pay all costs of administering the settlement, and “the fees, costs, expenses, and Service Payments awarded by the Court” up to a maximum total of $20,000,000.

Because this case is a class action, the district court must ultimately approve the settlement between the parties.  We will continue monitoring this case.