Target says it has offered to pay $10 million to settle a class-action lawsuit brought against it following a massive data breach in 2013. The retailer says the funds will be kept in an interest bearing escrow account, with individuals affected by the breach able to be reimbursed up to a maximum of $10,000. Claims will mostly be submitted and processed online through a dedicated website. The proposed settlement also requires the company to appoint a chief information security officer, keep a written information security program, and offer security training to its workers. Target must also maintain a process to monitor for data security events and respond to such events deemed to present a threat.