(Bloomberg) – Anthem Inc. agreed to pay $115 million toresolve consumer claims over a 2015 cyberattack that compromised data on 78.8 million people,marking what attorneys in the case called the largest data breachsettlement in history.
|The proposed accord, which would end class-action lawsuits filedin several states, requires approval from a federal judge in SanJose, California. Anthem sells coverage under the Blue Cross andBlue Shield brand in 14 states.
|Related: N.Y. state AG settles with health services companyover delayed data breach notification
|"We are pleased to be putting this litigation behind us, and tobe providing additional substantial benefits to individuals whosedata was or may have been involved in the cyberattack and who willnow be members of the settlement class," the Indianapolis-basedcompany said Friday in a statement.
|Didn't admit any wrongdoing
Anthem didn't admit any wrongdoing in the settlement.
|The company said in February 2015 that hackers obtained data ontens of millions of current and former customers and employees thatled to a probe by the Federal Bureau of Investigation. Theinformation compromised included names, birthdates, Social Securitynumbers, medical IDs, street and email addresses and employee data,including income, Anthem said at the time.
|As part of the proposed settlement, $15 million would be setaside to pay for out-of-pocket expenses incurred as a result of thedata breach.
|The proposal filed Friday would require Anthem to establish afund to buy at least two years of credit monitoring services forthe class to help protect them from fraud.
|$50 per person
For individual class members who already have their owncredit-monitoring services and don't want to enroll in thesettlement's plan, the settlement provides alternative compensationof as much as $50 per class member.
|The plan also requires Anthem to spend an undisclosed amount tohelp protect members' personal information over the next threeyears.
|In 2015, after the breach was made public, Anthem established awebsite, anthemfacts.com,where people affected by the breach could sign up for two years ofcredit monitoring.
|The case is In re Anthem Inc. Data Breach Litigation,5:15-md-02617, U.S. District Court, Northern District of California(San Jose).
|Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- All PropertyCasualty360.com news coverage, best practices, and in-depth analysis.
- Educational webcasts, resources from industry leaders, and informative newsletters.
- Other award-winning websites including BenefitsPRO.com and ThinkAdvisor.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
