US retailer Target said this week that it has entered into a settlement agreement with Mastercard that will see the company pay $19 million  as part of the major data breach in 2013.

The funds will reimburse the financial institutions that had issued MasterCard-branded cards and were part of the breach, which compromised around 40 million credit and debit cards during the Christmas trading period 18 months ago.

Target's statement said that all eligible issuers will soon receive notification from Mastercard containing full details of the agreement and how to accept their alternative recovery offers before they expire. 

According to the retailer, the settlement is conditioned on issuers of at least 90% of the eligible Mastercard accounts accepting their alternative recovery offers, either directly or through their sponsoring issuers, by 20 May 2015. Target mapped out costs and liabilities associated with the data breach during fiscal years 2013 and 2014 – it said this week that the estimated costs of this latest settlement are already reflected in its earlier calculation.

No new comment has been made on similar reimbursement negotiations which are assumed to be taking place with other card schemes such as Visa.

Earlier this year Target said expenses related to the data breach, including expected insurance compensation, would total $252 million – but the damage to the reputation of the brand could yet be the most expensive cost incurred.

Scott Kennedy, president of financial & retail services at Target, commented: "We are hopeful that Target's agreement to pay up to $19 million to settle the claims of MasterCard and its issuers will result in a high level of issuer acceptance.

"Target intends to continue to defend itself vigorously against any assessments made by Mastercard on behalf of Mastercard issuers that do not accept their offers."

In the aftermath of the data breach, Target replaced CEO Gregg Steinhafel with PepsiCo's Brian Cornell and has made a number of structural changes to its business, including the recent closure of its 133 stores in Canada.

Rahul Sharma, retail analyst and owner of Neev Capital, told Essential Retail said that Target's data breach in 2013 exposed deeper challenges faced by retailer.

"The card breach just helped magnify the real underlying problems at Target about lack of distinctive product, lagging behind on online and – like Walmart and Tesco – over-exposure to large stores," he said.

"[The breach] hit profits and sales very briefly, but issues like poor US traffic trends and the Canada disaster were the real reason for leadership change and indeed change in direction at Target."