NEW YORK (AP) -- Financial institutions' bill for Target's massive data breach keeps rising.
Costs related to the holiday data theft has now exceeded $200 million for financial institutions, according to data collected by the Consumer Bankers Association and the Credit Union National Association.
The two trade associations said Tuesday that 21.8 million of the 40 million compromised credit and debit cards have been replaced.
The Consumer Bankers Association, which represents the nation's largest financial institutions as well as many regional banks, estimated that the cost of card replacement for its members have reached $172 million, up from an initial finding of $153 million. The Credit Union National Association says the cost to credit unions has increased to $30.6 million from an original estimate of $25 million.
The more than $200 million in costs doesn't take into account any fraudulent activity, which would push the cost of the data breach to the industry higher as consumers are not held liable.
Target Corp., based in Minneapolis, said 40 million credit and debit card accounts had been affected by a data breach that happened between Nov. 27 and Dec. 15, just as the holiday shopping season was getting into gear. Hackers stole personal information — including names, phone numbers as well as email and mailing addresses — from as many as 70 million customers as part that hack.
The nation's second-largest discounter is offering free credit monitoring services for a year to those who had their data compromised.
When the final tally is in, Target's breach may eclipse the theft at TJX, which was disclosed in 2007 and compromised more than 90 million records.