US retailer Target, which suffered from a massive data breach in 2013, is close to reaching a settlement with MasterCard to reimburse affected financial institutions about $20m (£13.6m, €18.9m) for costs related to the hacking attack.
The Wall Street Journal, citing people familiar with the negotiations, reported the deal could be announced as soon as this week after months of talks.
The $20 million covers costs that banks incurred to reissue credit cards and debit cards as a result of the breach, as well as some of the fraud that resulted from the exposure of customer information, the report said.
Target discovered a major security breach in December 2013. Payment data from about 40 million credit and debit cards were stolen from Christmas shoppers at its stores over 19 days between 27 November and 15 December.
It has since been revealed that a further 70 million customer records with sensitive information such as names, telephone numbers and email addresses were also stolen.
The retailer is facing a number of lawsuits over the data breach, and its senior management were called before Congress to explain about the data breach and preventive measures undertaken to ensure customer security.
In March, the retailer agreed to pay $10m to settle a lawsuit brought by consumers that were affected by the data breach.
As per the terms of the latest settlement, MasterCard will distribute the reimbursed funds to the financial institutions that use its technology for credit cards and debit cards, including Citigroup Inc, Capital One Financial Corp and JP Morgan Chase & Co, the newspaper added.
The company is holding similar negotiations with MasterCard rival Visa Inc, the report said, citing people familiar with the talks.