More than a year after Target announced that it had been victim to a massive data breach during the 2013 holiday season, the company is poised to pay $10 million to settle a class-action suit stemming from the incident.
CBS News reports that the proposed settlement could eventually pay individual victims up to $10,000 in damages.
“We are pleased to see the process moving forward and look forward to its resolution,” a Target spokesperson tells CBS News.
The class-action case is just one of dozens facing the retailer after the data breach, which occurred between November 24 and December 15, 2013.
When Target finally uncovered the breach it was thought that as many as 40 million credit and debit cards were stolen from nearly all of retailer’s 1,797 stores.
Investigators looking into the matter believe that thieves captured customer information through the use of software on payment terminals, harvesting the information when shoppers swiped their cards at checkout.
The breach kicked off a string of similar hacks at retailers across the country including Home Depot, Michael’s and other national chains.