We previously reported that Target Corp.’s (Target) settlement with MasterCard was rejected, but now, Target agreed to pay $39 million to settle the class action filed against it on behalf of the financial institutions affected by Target’s 2013 data breach. Target will pay $20.5 million directly to class members, consisting of all U.S. financial institutions that issued payment cards that were identified as at risk due to the 2013 data breach, and $19.1 million to fund MasterCard’s Account Data Compromise program. Target has also agreed to give up its right to challenge MasterCard’s assessment of breach liability. Counsel for the financial institutions said, “This settlement is a strong and important result for those financial institutions that sustained losses as a result of the Target data breach, providing compensation well beyond what the card brand networks offered.” This settlement is another example (in addition to the $67 million settlement with Visa stemming from the same data breach) where financial institutions have not had to bear the burden of a data breach in which they had no hand.