Target has reached a deal with Visa to pay its card issuers up to $67 million to settle the retailer's 2013 data breach.
The deal was confirmed by both Target (TGT) and Visa (V). Neither company would comment on the amount of the payment, but the $67 million figure, first reported by the Wall Street Journal, was confirmed by a source familiar with the deal. The 2013 hack of customer data, including credit and debit card information, affected an estimated 40 million customers. It was one of the largest hacking cases ever.
Target said it was pleased to reach the agreement and that the cost of the settlement had already been reflected in the company's previous financial results. Unlike an earlier tentative settlement with MasterCard (MA) which was not accepted by enough of its card issuers, Target said this deal with Visa has already been accepted by the major Visa issuers.
"This agreement attempts to put this event behind us, and increase the industry's focus on protecting against future compromises with new technologies," said Visa's statement.
Related: The worst hacks of all time
Target had already reached a $10 million settlement with customers under a federal class action suit. But since 40 million customers had their card information stolen by the data hack, most customers will get only a few dollars. Customers who can document larger unreimbursed losses can be reimbursed up to $10,000.