Tag Archive for: settlement

Data management company to pay $3 million in settlement with feds over 2020 ransomware disclosures


Blackbaud Inc., which sells donor data management software to nonprofits, agreed Thursday to pay the Securities and Exchange Commission $3 million in a settlement regarding disclosures of a 2020 ransomware attack.

The SEC charged that Blackbaud violated federal law in making misleading disclosures that failed to mention the full extent of customer information seized in the cyberattack. Part of that failure stemmed from company personnel neglecting to inform upper management that sensitive data had been taken.

On May 14, 2020, Blackbaud discovered that someone had been accessing their internal systems without authorization since as early as February 2020, and found messages from the perpetrator saying that customer data had been taken from the system. 

The attacker demanded ransom in exchange for deleting the stolen data. A third-party vendor was hired to investigate, and to arrange communications with the attacker to eventually arrange payment of the ransom.

By July 16, 2020,

Source…

CDSL provides updates on pending settlement after being hit by cyber attack


Days after trade-related activity and back-end operations at Central Depository Services (India) (CDSL) were disrupted due to a malware attack, the country’s largest depository on Sunday shared an update on pending settlement-related activities.

“The CDSL systems after due checks and validations have been made live. The systems are functional to carry out depository activities,” the company statement read.

It further noted, “In co-ordination with the other Market Infrastructure Institutions (MIIs), the pending settlement related activities pertaining to the Business Day – Friday, November 18, 2022, have been successfully completed.”

Settlement services at CDSL were affected on Friday due to cyber attacks on few of its internal machines. Brokers said services such as pay-in, pay-out, pledge, or unpledged securities for margin were down due to system failure at the CDSL. However, trading was not affected, according to reports.

However, the company added that there was no prima facie compromise of investor data.

“Earlier today (Friday, November 18, 2022), Central Depository Services (India) Limited (CDSL’s) detected malware in few of its internal machines,” the company had informed the stock exchanges .

“As a matter of abundant caution, the Company immediately isolated the machines and disconnected itself from other constituents of the capital market. As per initial findings, there is no reason to believe that any confidential information or the investor data has been compromised,” CDSL noted.

The CDSL team had reported the incident to the relevant authorities and was working…

Source…

OPM hack $63M settlement approved by federal judge


Written by

John Hewitt Jones

A federal judge has given final approval for a proposed $63 million settlement to bring to an end a class action lawsuit brought over the Office of Personnel Management data breaches in 2015.

U.S. district judge Amy Berman Jackson in a hearing on Oct. 14 said the agreed-upon figure was fair and gave approval for the settlement to proceed.

Judge Jackson in June gave preliminary approval for the settlement to proceed, and at the time described the terms as “fair, reasonable, and adequate, and in the best interest of named plaintiffs and class members.”

Most class action lawsuits involve a fairness hearing, during which the judge will consider whether the proposed settlement figure is “fair, reasonable and adequate”, and hear any objections. 

Following the final fairness hearing, prospective participants will still have until Dec. 23 to join the lawsuit, after which the validity of each claim will be assessed. Assuming there are no appeals, payouts to claimants are expected to take place in the first or second quarter of next year.

Under terms of the settlement, each claimant is entitled to a minimum of $700 per claim, up to a maximum of $10,000 per claim. 

Speaking with FedScoop, attorney for the plaintiffs Jordan Elias said: “It was a challenging case with a lot of pitfalls, so we were pleased we were able to negotiate the case outcome without major objections.”

Elias added that the negotiations took over two years and had been complicated by factors including the COVID-19 pandemic.

In 2015, OPM announced it was hit with a series of intrusions understood to be linked to two Chinese government-sponsored groups, which resulted in the compromise of personal information of around 22 million individuals.

A subsequent report by the House Committee on Oversight and Reform found that the earliest known data breach at the agency came in November 2013 but was not detected for years until a private cybersecurity firm was brought in to run forensics.

Before that, malware was found to be lurking on the…

Source…

How To Find Out If You Will Get Anything From T-Mobile’s $350 Million Data Breach Settlement


Wireless carrier T-Mobile has agreed to pay $350 million to settle complaints relating to last year’s major data breach.

Plaintiffs say the hack exposed data on millions of customers.

The settlement was first disclosed in a Securities and Exchange Commission (SEC) filing back in July.

T-Mobile customers, both past and present, could receive compensation from the settlement. Of course, not all of the $350 million will go to consumers.

Lawyers have to be paid. Also, $150 million will go to beef up T-Mobile security, described by the hacker in a confession to the Wall Street Journal, as “awful.”

According to Reuters, people who were T-Mobile customers at the time of the hack could receive $25 if the settlement is approved. Customers living in California would receive up to $100.

The final amount will likely be determined by how many customers make a claim.

In fact, the number of consumers affected by the breach is not precisely known. Lawyers for the plaintiffs say the number is over 76 million, a claim disputed by T-Mobile. 

Getting paid could take months

T-Mobile has not yet laid out steps for making a claim. In past settlements people eligible to receive compensation have usually been notified by mail. According to Tech Crunch, it could take several months for the company to sort everything out and contact eligible customers.

The settlement was filed in the U.S. District Court for the Western District of Missouri, which must give final approval. The settlement merged more than 40 class-action suits that claimed T-Mobile was lax with its network security.

If the settlement wins the court’s approval, it would be the second-largest data breach settlement in U.S. history. Equifax’s $700 million settlement in 2019 is the largest writes Consumer Affairs.

Related Articles


VIDEO


“Dr. Harry Delany is a renowned Harlem born and raised surgeon, the son of the great jurist and civil rights leader, Hubert Delany….” This monthly post is made in partnership with Harlem Cultural Archives.

Source…