Home » Cybersecurity » Data Security » Yahoo and Verizon Sweeten Their Settlement Offer by $30 Million + Staffing/Budget Commitments

Yahoo and Verizon Sweeten Their Settlement Offer by $30 Million + Staffing/Budget Commitments

In 2013, 2014 and 2016, Yahoo suffered a series of data breaches. Yahoo reports that the largest one, in August 2013, affected all three billion user accounts then in existence worldwide.

The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, passwords encrypted with the MD5 cryptographic hashing algorithm, and, in some cases, encrypted or clear text security questions and answers.

Unsurprisingly, plaintiffs representing affected users brought dozens of class action lawsuits against Yahoo. Five of the cases were combined into a single lawsuit in the U.S. District Court for the Northern District of California. After Verizon Communications completed its acquisition of Yahoo in June 2017 (for $350 million less was agreed before news of the breaches broke), Verizon tried unsuccessfully to get the case dismissed.

After failing to get the case dismissed in August 2017, Verizon and plaintiffs’ counsel in this case and in a separate consolidated case brought in California state courts worked to reach agreement on a settlement. In November 2018, the parties proposed a settlement to the judge overseeing the federal court case.

The proposed settlement included:

• $50 million to cover out-of-pocket costs, alternative compensation, paid user costs and small business user costs without specifying the costs of credit monitoring services or costs for class notice and settlement administration and without identifying the total size of the settlement fund,
• Up to $35 million for attorneys’ fees, with any unused amounts reverting to Yahoo/Verizon
• Up to $2.5 million for costs and expenses of up to $2.5 million
• Up to $7,500 each for service awards to each settlement class representative

In January 2019, Judge Lucy H. Koh rejected the proposed settlement and sent the parties back to the negotiating table to try again. Judge Koh raised six objections (Read more...)