Yahoo has agreed to pay $50 million to help settle a lawsuit that seeks to hold the company responsible for a data breach the company suffered several years ago.
On 23 October, Yahoo said it would pay $50 million and provide two years of free credit-monitoring services to 200 million people whose email addresses and personal information were exposed in the data security incident. That event exposed a total of 3 billion Yahoo accounts.
In this settlement, the Internet Services company said it would cover the losses of upwards of 200 million people who held a combined total of one billion Yahoo accounts at the time of the breach. Altaba Inc., a company which Yahoo set up after it agreed to sell its digital services to Verizon Communications, paid the other half to the U.S. Securities and Exchange Commission in the form of a fine for the email provider’s failure to disclose the incident on a timely basis.
According to AP News, Yahoo would pay account holders $25 per hour for time spent on dealing with the aftermath of the data breach. The settlement, which is still pending court approval, would allow account holders with documented losses to ask for compensation of up to 15 hours. Those without documented losses could request five hours of compensation under the settlement.
The web services company also agreed to provide affected individuals with two years of free access to AllClear, a credit monitoring company. The retail rate for two years of AllClear’s service amounts to $359, or approximately $15 per month. It remains to be seen whether Yahoo will pay that exact rate.
At this time, there is a hearing scheduled for 29 November to approve the preliminary settlement before U.S. District Judge Lucy Koh in San Jose, California. (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/yahoo-to-pay-50-million-in-damages-to-settle-data-breach-lawsuit/