This is not exactly the merriest of times for Target. Last week the retailer revealed that credit card data from 40 million customers had been stolen. Now it looks like the giant retailer could be liable for up to $3.6 billion. Target could face a $90 fine for each cardholder’s data compromised, which translates to the $3.6 billion liability, according to a post on the SuperMoney website. Here’s how it breaks down. Target will already likely face all sorts of lawsuits and the added cost to assure that everything in its infrastructure is secure, SuperMoney explains. But that’s just part of it. Back in 2006, Visa, American Express, JCB, Discover and MasterCard formed the PCI Council to oversee the new Payment Card Industry Data Security Standard (PCI DSS). The data security standard defines how organizations manage cardholder information.