Lawyers who secured a $117.5m deal to resolve litigation tied to multiple data breaches at Yahoo could get paid $30m for their efforts.
Class counsel who secured the breach settlement are currently waiting for US District Judge Lucy Koh to give her final stamp of approval and to award them the fees, according to new documents filed in California federal court.
The sizeable settlement, approved by a federal judge in California last summer, relates to a host of massive historic data breaches that occurred at Yahoo between 2012 and 2016. Data exposed included names, email addresses, telephone numbers, birth dates, passwords, security questions and answers, as well as potentially the contents of emails, calendars, and contacts.
The deal will allow only 194 million Yahoo users in the US and Israeli who were affected by the breaches to claim compensation. Globally, the breaches impacted some 3 billion Yahoo users.
Consumers or small business affected by the breach could potentially get up to $25,000 in reimbursement if they had out-of-pocket expenses tied to the breach, such as losses or fees incurred as a result of handling identity fraud or setting up credit monitoring.
Individuals who didn’t suffer any direct harm from the breach will be given the option to claim for free credit monitoring. Users who demonstrate they have a minimum of 12 months of credit monitoring can claim a cash payout of up to $100.
The amount of the cash payment that actually gets paid depends on how many people file for the benefit. If funds remain after all the claims are paid, then claimants could get up to $358.80 each. However, due to the 194 million potential claimants involved, the real payout could be as little as 60 cents per user.
If even a third of the potential class members lodge a claim, then the payout will be $1.84 per person.
Commenting on the settlement to CNBC, cybersecurity expert Joseph Steinberg predicted that the actual amount of compensation Yahoo users will receive is likely to be far lower.
“Everybody probably has free credit monitoring at this point,” said Steinberg. “If you’re expecting to get $100, you’re probably going to be significantly disappointed.”
Settlement class members have until July 20 to sign up for credit monitoring or alternative compensation.
#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity