Nebraska was part of an $18.5 million settlement involving 46 other states and the District of Columbia.
Connecticut and Illinois led the investigation, which resulted in the largest multistate data breach settlement achieved to date, according to the Nebraska Attorney General’s Office.
An investigation found that in November of 2013 a cyber-attack accessed Target’s gateway server with credential stolen from a third-party vendor. The attack gained access to the store’s customer service databased, getting full names, telephone numbers, email and mailing addresses, payment card numbers, expiration dates, CVV1 codes, and encrypted debit PINs.
The data breach gained access to more than 41 million customer payment card accounts and contact information for more than 60 million customers.
In addition to the payout, Target has agreed to increase its data security. Target must hire an independent, qualified third-party to conduct a comprehensive security assessment.
For information about how to protect yourself as a consumer, file a consumer complaint, or report a scam, please visit the Nebraska Attorney General’s Office, Consumer Protection Division website at www.protectthegoodlife.nebraska.gov or call (800) 727-6432.