The largest ever recorded data breach class action lawsuit was settled against Anthem this week. California US District Judge Lucy Koh has approved a $115 million settlement. Anthem reached the deal June 23 without admitting any wrongdoing. The data breach affected 79 million Anthem members, exposing their social security numbers, names, date of birth, addresses and other personal information.
The breach was first discovered by Anthem on January 27, 2015. Their system had been hacked, however, since February of 2014 when one of Anthem’s subsidiaries opened a phishing email containing malware. They have provided credit monitoring for their affected members since the discovery.
Breach costs can include incident response, litigation, ongoing investigations, and cleanup. For example, Equifax has reported that the cost of its data breach is over $439 million dollars with only $125 million covered by its cybersecurity insurance policy.
Although most of the settlement fund will be used to monitor the credit of the exposed members for the next two years, members may also claim up to $10,000 each to cover the out-of-pocket expenses they incurred due to the breach. In addition to the settlement fund, Anthem is required to triple its cybersecurity budget. This includes archiving databases, strict access controls, information encryption and strengthening data security controls.
Contact Petronella Computer for all your cybersecurity needs.