(Bloomberg) -- Target Corp. agreed to pay more than $39 million to banks and credit unions for losses from a 2013 holiday-season data breach that led to the exposure of as many as 40 million payment cards.

The financial institutions sued the Minneapolis-based retailer to recover an estimated $200 million in costs stemming from the hack. Expenses included issuing replacement cards.

In a memorandum filed Wednesday describing the agreement, lawyers for the banks and credit unions said Target will contribute more than $20 million to a general settlement fund and more than $19 million to a separate recovery program handled by MasterCard Inc.

The accord requires court approval. A hearing is scheduled Wednesday before U.S. District Judge Paul A. Magnuson in St. Paul, Minnesota.

“This settlement is a strong and important result for those financial institutions that sustained losses as a result of the Target data breach, providing compensation well beyond what the card brand networks offered,” Charles Zimmerman, a lawyer for the financial institutions, said in a statement.

Target spokeswoman Molly Snyder said the retailer is “pleased that the process is continuing to move forward.”

The Consumer Bankers Association said member costs for card replacements and other expenses stand at about $172 million. The Credit Union National Association said its members have shelled out $30.6 million.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access