Shoppers walk though a Target Corp. store in Torrance, California, U.S., on Tuesday, August 20, 2013. Target is expected to announce quarterly earnings results on Aug. 21, 2013. Photographer: Patrick T. Fallon/Bloomberg
A Target store in Torrance, Calif. (Patrick T. Fallon/Bloomberg)

Target has proposed to pay $10 million to settle a class-action lawsuit over its massive 2013 data breach, according to court documents filed in the U.S. District Court in Minnesota on Wednesday.

The settlement, if approved by a judge, would allow individual shoppers to receive up to $10,000 in damages if they can prove they endured losses stemming from Target’s data breach.  Up to 40 million shoppers had their credit card data stolen during the breach, while up to 70 million had personal information such as addresses and phone numbers stolen.

The settlement also states that Target will create a new position, a chief information security officer, who will be responsible for protecting customer data. Target promises in the court documents that it will implement a program to train Target employees on security practices and will periodically review its safeguards to make sure they are sufficient to protect consumers.

“We are pleased to see the process moving forward and look forward to its resolution,” said Molly Snyder, a Target spokeswoman, in an e-mail.

The breach took place at the height of the holiday shopping rush in 2013 and deeply wounded Target’s sales during the retail industry’s most important season.  It remains one of the largest data breaches in history.

There are a variety of criteria that make members of the suit eligible to submit a claim for damages. One is that “unauthorized, unreimbursed charges” were made on one’s credit or debit card.  It is likely that many shoppers have already been reimbursed for fraudulent charges by their banks, and thus wouldn’t be eligible under that particular criteria.  Still, they could file a claim based on other criteria, including time spent addressing the unauthorized charges, the cost associated with getting a credit report fixed, or the cost of higher interest rates incurred as a result of the breach.

The company has spent the last year trying to lure shoppers back to the store–at first, with a blitz of promotions and deals, and more recently, with a revamped assortment of products in crucial departments such as fashion, home goods, kids and baby.

Last August, Brian Cornell took over as chief executive of Target after Gregg Steinhafel stepped down amid sluggish sales.  On Cornell’s watch, it appears the big-box retailer is in the early stages of a comeback: Target’s quarterly sales have strengthened and it has seen an increase in foot traffic to its stores.

Cornell has also moved to cut costs at the discount retailer, in part by trimming 1,700 positions at its headquarters in Minneapolis. In April, the company is poised raise its minimum wage to $9 for its 350,000 U.S. workers.