The hack into Target's computers has spawned attention, law suits, and investigations.  Now, Target has put its state investigations behind it, by entering into a settlement with 47 states and the District of Columbia.  

The settlement highlights a few things that those doing business in the US should be mindful of:

1)  When you are dealing with data, you are dealing with a wide array of regulatory frameworks -- at least one per state.  So, when you have issues, you need to think of all 50 states, and the federal system.

2)  Fines for data-related breaches can be large -- Target agreed to pay $18.5 million.  Although sizable, this is not the largest fine ever imposed for a US data breach.  AT&T was fined $20 million in 2015, for instance.  

3)  The fine was not the only expense Target faced.  Target has settled one of its breach-related lawsuits for $39 million.