Target Agrees To Pay $10 Million To Data Breach Victims

Target has agreed to pay $10 million under a proposed settlement in a class-action lawsuit stemming from a massive 2013 data breach, the company confirmed to CBS News.

"We are pleased to see the process moving forward and look forward to its resolution," Target spokesperson Molly Snyder told CBS News late Wednesday.

The proposed settlement, which must be approved by a federal district court judge, creates a settlement account that could pay individual victims up to $10,000 in damages, according to court documents.

The data breach, one of the largest of its kind, occurred between Nov. 27 and Dec. 15, 2013, just as the busy holiday shopping season was underway. Information from as many as 40 million credit and debit cards was stolen.

Investigators believe the thieves captured the information by installing software on payment terminals customers used to swipe their payment cards at checkout. Nearly all of Target's 1,797 stores in the United States were affected.

At least 15 lawsuits were filed by the end of 2013, seeking millions of dollars in damages. The harm was so widespread that the Department of Justice began its own investigation into the breach.

A court hearing on the settlement proposal was scheduled for Thursday in St. Paul, Minnesota, where Target's headquarters is located.

The news comes as Target recently announced layoffs of 1,700 employees -- or 13 percent of the workforce -- at its Minneapolis headquarters, reports CBS Minnesota.