Attorney General Doug Peterson announced Wednesday that Nebraska has joined with 46 other states and the District of Columbia in an $18.5 million settlement with the Target Corporation to resolve the states’ investigation into the retail company’s 2013 data breach. Nebraska will receive a little more than $199,000 from the settlement. The settlement represents the largest multistate data breach settlement achieved to date.
The states’ investigation, led by Connecticut and Illinois, found that, on or about November 12, 2013, cyber attackers accessed Target’s gateway server through credentials stolen from a third-party vendor. The credentials were then used to exploit weaknesses in Target’s system, which allowed the attackers to access a customer service database, install malware on the system, and capture data. The data accessed included full names, telephone numbers, email and mailing addresses, payment card numbers, expiration dates, CVV1 codes, and encrypted debit PINs.
The breach affected more than 41 million customer payment card accounts and contact information for more than 60 million customers.
To obtain information about how to protect yourself as a consumer, file a consumer complaint, or report a scam, visit the Nebraska Attorney General’s Office, Consumer Protection Division website at www.protectthegoodlife.nebraska.gov or call (800) 727-6432.