There’s a new development in the Home Depot data breach saga, which has been ongoing since 2014 when hackers infiltrated self check-out terminals.
The retailer has reached a new settlement with dozens of banks, agreeing to pay $25 million for damages incurred as a result of the breach. The breach was considered colossal, affecting 50 million customers.
You can read the settlement agreement docs here.
The settlement was filed this week in federal courts in Atlanta. It also requires Home Depot to tighten its own cybersecurity practices and scrutinize its vendors more closely.
Fortune covered the settlement and highlighted the disparity between payments to consumers and payments to the financial industry:
“The settlement and related legal proceedings are important because they show how payment-related breaches put companies on the hook not just to consumers, but to banks and the credit card industry. Indeed, court filings show Home Depot has paid far more to the financial industry than to consumers.
In addition to this week’s $25 million settlement, Home Depot has also paid at least $134.5 million in compensation to consortiums made up of Visa, MasterCard, and various banks.
On the consumer side, Home Depot last year agreed to a $19.5 million settlement to affected customers that included a $13 million cash fund as well as credit monitoring services.
Indeed, banks refunded customers’ unauthorized purchases so it’s easier for banks to show the damages from the breach.
“Today, cyber-risk remains a huge concern for companies, which must guard not only internal computer networks, but also a sprawling number of third-party vendors that can connect to their systems,” according to the Fortune story.
Are you covered for identity theft?
Image: Pixabay