Mississippi has joined 46 other states and the District of Columbia in an $18.5 million settlement with the Target Corporation in the 2013 data breach. The Attorney General’s office announced that the states’ investigation, which is led by Connecticut and Illinois, discovered that on November 12, 2013 cyber attackers were able to access Target’s gateway server through credentials stolen from a third-party vendor.
The breach affected more than 41 million customer payment card accounts and contact information for more than 60 million customers.
“We are living in a cyber world, therefore we must take additional steps to ensure consumers are protected,” said General Hood. “Our Consumer protection division, along with others across the country is happy to see this case settled and to see Target implementing ways to protect their customers from future hacks.”
Along with the monetary payment to the states, the settlement agreement requires Target to develop, implement and maintain a comprehensive information security program and to employ an executive or officer who is responsible for executing the plan. The company is required to hire an independent, qualified third-party to conduct a comprehensive security assessment.
Mississippi will receive $22,714.21 from the settlement.