Target Corp. agreed to pay $18.5 million to settle state lawsuits over a 2013 hack of its database in which the personal information of millions of customers was stolen, according to New York Attorney General Eric Schneiderman.
Indiana and 46 other states were involved in the settlement.
It’s the largest multistate accord stemming from a data breach in history, Schneiderman said.
Indiana will receive $623,097 of the settlement. The Office of the Indiana Attorney General said it can use the money at its discretion, including depositing the returned money into its Consumer Protection Division fund.
About 40 million credit and debit card users’ information was stolen in the breach, which occurred during a two-week holiday season in late December 2013 and January 2014, and compromised the home and email addresses of as many as 70 million people.
Target later said customers were reimbursed for fraudulent charges by the card issuers, but shoppers claimed they were subjected to expensive account freezes, late payment fees and other costs.