About 4 years ago, about 40 million debit and credit cards were breached as holiday shoppers shopped at their local Targets across the country.

According to Reuters.com, Target Corp agreed to pay $18.5 million to settle claims in 47 states in the U.S. as well as the District of Columbia.

Connecticut and Illinois Attorney General's conducted the investigation and found that cyber attackers had accessed the gateway server of the retail giant, through credentials from a third-party vendor.

As well as the payout, Target has also been ordered to hire a qualified, independent third party to conduct a comprehensive security assessment and secure customer information by employing an executive overseer and advising the chief executive officer.