SAN FRANCISCO – Capital One’s infamous 2019 data breach exposed the personal information of more than 100 million people and resulted in a class-action lawsuit that’s been tentatively settled to the tune of $190 million.
Plaintiffs in the case claim a hacker never would have been able to break into the bank’s cloud computing systems, which were hosted on Amazon Web Services, if the company had taken adequate cybersecurity measures. In their complaint, they allege Capital One “knew of the particular security vulnerabilities that permitted the data breach, but still failed” to protect customers, putting millions at risk of fraud and identity theft.
Neither Capital One nor Amazon responded to a request for comment.
Capital One hasn’t admitted to any wrongdoing but, according to court filings, agreed to the $190 million payout in December 2021, “in the interest of avoiding the time, expense and uncertainty of continued litigation.” The US District Court for the Eastern District of Virginia granted preliminary approval for the deal on Jan. 31, 2022 (PDF).
At that time, prospective class members had until Aug. 22 to file a claim. The deadline has now been extended into September.
To read more, click on CNET
