An American judge has rejected Yahoo’s proposed settlement around the data breaches in 2013 and 2014. This leaves parent company Verizon Communications with a problem, because it now has to look for an alternative way to satisfy about 200 million people.
The proposed settlement covered plaintiffs in both the United States and Israel, but was rejected by the American judge Lucy Koh. According to Reuters, she did so on the basis of the reasoning that it was not possible for her to declare the proposed settlement fundamentally fair, adequate and reasonable. Yahoo offered 50 million U.S. dollars and two years of free credit monitoring to the victims.
Problematic settlement
But according to Judge Lucy Koh, the settlement was problematic, especially because it was not clear how the victims could claim the settlement. In addition, it was not clear what the value of the settlement was for victims. In addition, the proposed amount also included $35 million in payments to the plaintiffs’ lawyers, which Koh believes may be unreasonably high.
Judge Koh compared the settlement with one that was reached last year with healthcare provider Anthem. It agreed to a $115 million settlement for a 2015 data breach that affected 79 million customers. Anthem also offered free credit monitoring and at the same time an upgrade of its data security. Yahoo didn’t do that.
Yahoos history of secrecy and lack of transparency related to data breaches is unheard of, writes the judge. Unfortunately, this proposed settlement continues this pattern of lack of transparency. In a statement about this, Verizon states that it has confidence and that it believes there is a good way forward, despite the judge’s ruling.
Largest data breach
In August 2013, Yahoo was hit by the largest data breach ever. In addition, 3 billion user accounts were affected. Data stolen included names, email addresses, phone numbers, dates of birth, hashed passwords and, in some cases, encrypted and unencrypted security questions and answers. Another hack revealed the same data from 500 million accounts.
Yahoo only announced the hacks in 2016, when it was taken over by Verizon. At that time, Verizon also offered $250 million less for the acquisition.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.
2 hours ago
