Target has agreed to settle a lawsuit brought by consumers that were affected by a massive hacking attack at the US retailer, compromising a huge trove of personal financial information.
Court documents filed in Minnesota showed the company will establish a $10m (£6.8m, €9.4m) fund for victims, who will get up to $10,000 each. The claims will be submitted and processed primarily online through a dedicated website.
In addition, the proposal requires Target to implement data security measures such as appointing a chief information security officer. The proposal still requires the court approval, and a hearing on the same was set for 19 March, according to media reports.
"We are pleased to see the process moving forward and look forward to its resolution," Reuters quoted Target spokeswoman Molly Snyder as saying.
Target discovered a major security breach in December 2013. Payment data from about 40 million credit and debit cards were stolen from Christmas shoppers at its stores over 19 days between 27 November and 15 December.
It has since been revealed that a further 70 million customer records with sensitive information such as names, telephone numbers and email addresses were also stolen.
The retailer is facing a number of lawsuits over the data breach, and its senior management were called before Congress to explain about the data breach and preventive measures undertaken to ensure customer security.
In December, a US judge allowed consumers to go ahead with their lawsuit against the retailer over the breach, rejecting Target's argument that the consumers lacked grounds to sue.