Heartland Payment Systems has agreed to pay up to $41.4 million to MasterCard issuers in relation to the data breach that hit the processor in 2008.
Heartland revealed last January that malicious software in its processing system had been found, potentially compromising the card data of millions of people.
The firm has agreed to fund the $41.4 million in "alternative recovery offers" to settle loss claims by card issuers associated with the breach. MasterCard is recommending the offer is accepted.
The deal is contingent upon financial institutions representing 80% of the claimed-on accounts accepting it by 25 June and waiving their rights to pursue future claims.
Wendy Murdock, chief franchise officer, MasterCard, says: "We feel that this settlement represents an appropriate and fair resolution for our issuing financial institution customers and will enable them to avoid uncertainties and delays associated with potentially protracted litigation."
In January Heartland forged a similar agreement, worth $60 million, in relation to Visa issuers although this prompted lawyers representing five financial institutions to file a class action lawsuit against two acquiring banks, claiming they share responsibility for damages caused by the intrusion.
In December the processor reached a $3.6 million settlement with American Express relating to the breach and has also agreed to pay up to $2.4 million to settle a consumer cardholder class action suit.