A federal court in Michigan is reviewing a proposed $31.5 million settlement from Flagstar Bank, which seeks to resolve a class-action lawsuit brought by its customers. The lawsuit stemmed from a 2021 data breach that exposed the personal information of nearly 2.2 million people. The breach was linked to a vulnerability in Accellion Inc.’s file-transfer software, which Flagstar used. The plaintiffs allege that the bank failed to adequately protect their sensitive data from the cyberattack. This settlement, if approved, would provide financial compensation and other protections to those affected.
The settlement fund is intended to cover various claims from affected customers. A key component is the provision for documented monetary losses, with individuals eligible to receive up to $25,000 for damages directly resulting from the breach. This could include losses from fraud, identity theft, or other financial harms. Beyond direct financial compensation, the agreement also allocates funds for credit monitoring services, a crucial measure for protecting against future identity theft.
In addition to the monetary relief for documented losses, the settlement includes three years of complimentary credit monitoring and identity theft protection services for all class members. This service is designed to help customers detect and respond to any suspicious activity on their financial accounts or credit reports. This proactive measure is often a standard part of data breach settlements, as it helps mitigate long-term risks for consumers.
After all other claims are paid out, including for documented losses and administrative costs, any remaining funds will be distributed on a pro rata basis to class members. This means that each person who files a valid claim will receive an equal share of what’s left. While the exact amount per person will depend on the number of claims filed, this ensures that all affected individuals receive some form of compensation from the settlement.
The motion for preliminary settlement approval was filed in the U.S. District Court for the Eastern District of Michigan. The court’s approval is a necessary step before the settlement can be finalized and funds can be distributed. If the settlement is approved, it will bring to a close a significant legal challenge for Flagstar Bank, while providing a measure of relief and protection for the millions of customers whose data was compromised in the breach.
Reference:
