Home improvement retailer Home Depot has agreed to pay $19.5 million to settle lawsuits filed over a massive breach of consumer data in 2014. Data from over 50 million shoppers was compromised in the breach, including credit and debit card information.
The settlement will be divided into a $13 million fund to reimburse victims of fraudulent charges, and a $6 million fund to provide them with future identity protection services.
The chain retailer also announced that it will hire a chief information security officer to work on a program intended to improve data security.
The settlement is limited to consumers, and does not include credit card companies or banks that were involved.
Other chain stores such as Michaels, Neiman Marcus, and P.F. Chang’s reported breaches of security shortly after the Home Depot incident.
In 2013, a data breach at Target prompted a $10 million settlement.
President Obama recently proposed a cyber-security plan that would cost an estimated $19 billion.