US Judge Rejects Yahoo Data Breach Settlement (reuters.com) 21
A U.S. judge rejected Yahoo's proposed settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history, faulting the Internet services provider for a lack of transparency. From a report: In a Monday night decision, U.S. District Judge Lucy Koh in San Jose, California, said she could not declare the settlement "fundamentally fair, adequate and reasonable" because it did not say how much victims could expect to recover. Yahoo, now part of New York-based Verizon Communications, was accused of being too slow to disclose three breaches from 2013 to 2016 that affected an estimated 3 billion accounts. The settlement called for a $50 million payout, plus two years of free credit monitoring for about 200 million people in the United States and Israel with nearly 1 billion accounts.
$50M for 200M people (Score:5, Insightful)
So everybody gets a shiny quarter for having their account information ripped.
No wait, forgot about the lawyers and legal fees. Now everyone gets a dime and a law firm gets fkin rich.
That's definitely a fair settlement. I can't imagine why a judge would toss it out.
Re: (Score:2)
You're right that the class members could have looked for a firm to handle this for free or much less than it actually cost in legal fees.
End result: everyone gets nothing, and Yahoo faces no consequences at all.
Which is the better outcome?
1. False dichotomy [wiktionary.org]
2. Class members are usually opted in into a class action without their knowledge or consent.
Re: (Score:2)
Class members are usually opted in into a class action without their knowledge or consent.
Not sure where you got that from, I've been a member of more class action suits than I can remember, and normally receive something in the mail stating that I've been identified as part of the class action, and notifying me of my rights to litigate it...often separately.
My Yahoo email just got hijacked last week. (Score:2)
I had a very old email address with an swbell.net domain (the old Southwestern Bell telephone), from back when they were my dial-up 56K ISP in St. Louis, Missouri.
I had an opportunity to migrate it over when AT&T started handling DSL service, and later, U-Verse broadband service in the area. Since they partnered with Yahoo by that point, they had them do the mail hosting -- so the account stayed live with Yahoo even after I moved away from St. Louis and started using other services like Comcast.
To be ho
How to know if I'm affected? (Score:2)
Re: (Score:2)
Is there a way to know if I'm affected by the breach? I'm assuming I am, as I use Yahoo Mail.
Just assume you have been breached and change your password to something completely new.
the moon (Score:2)
yahoo, first of all who used their real name and address when creating their email address ?
Second I am far more worried about the Equifax breach. That company got away with far worse than what Yahoo did. Equifax should be paying for 20 years of credit checks plus full restitution if your identify is stolen.
But nice, will be fun seeing how the 25 cent check is mailed to:
Melvin
4 via Moltke
Mare Tranquillitatis
Moon x192t34-9a911z