I would expect the EU to follow with GDPR shortly, massive fines incoming.

Great massive fines, significant lawyer billing, some worthless credit monitoring service free for 6 months and screw the affected consumers.

Let's see Target is probably the most obvious parallel: $202 million in reported legal fees and other costs. $18 million to states (fines). $39 million to the financial institutions affected by the breach and a whopping $10 million for the consolidated class action lawsuit (along with the $6.75 million for plaintiffs’ attorneys fees and expenses).

Oh wait, Target annual profits are $20 billion? Never mind.