Retail giant Target has agreed to pay a total of $18.5 million in a settlement with 47 states over a 2013 consumer data breach that resulted in over 100 million pieces of credit card or personal information being stolen by hackers. California will receive more than $1.4 million from the settlement, the largest share of any state.
The May 23 settlement came after a multi-state investigation led by the Connecticut and Illinois Attorneys General Offices. That investigation found that hackers accessed Target’s gateway server using credentials stolen from a third-party vendor, according to statements from the participating states.