Target has agreed to pay $18.5 million to resolve investigations being conducted by 47 states and the District of Columbia stemming from the 2013 data breach that compromised 41 million customer credit and debit card accounts and exposed the personal information of more than 60 million customers. The terms of the settlement also require Target to implement and maintain a “comprehensive information security program” aimed at securing customer data. The retailer must also hire an executive to oversee the execution of that program and advise the company’s CEO and board of directors. A spokesman for the California Attorney General’s office could not immediately confirm how many Target customers in the state were believed to be impacted by the breach.