U.S. judge rejects Yahoo data breach settlement

Source: Reuters

BUSINESS NEWS JANUARY 29, 2019 / 10:34 AM / UPDATED 2 HOURS AGO

Jonathan Stempel

(Reuters) - A U.S. judge rejected Yahoo’s proposed settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history, faulting the Internet services provider for a lack of transparency.

In a Monday night decision, U.S. District Judge Lucy Koh in San Jose, California, said she could not declare the settlement “fundamentally fair, adequate and reasonable” because it did not say how much victims could expect to recover.

Yahoo, now part of New York-based Verizon Communications Inc, was accused of being too slow to disclose three breaches from 2013 to 2016 that affected an estimated 3 billion accounts.

The settlement called for a $50 million payout, plus two years of free credit monitoring for about 200 million people in the United States and Israel with nearly 1 billion accounts.

Read more: https://www.reuters.com/article/us-verizon-yahoo/u-s-judge-rejects-yahoo-data-breach-settlement-idUSKCN1PN20F

---

-snip-

“Yahoo’s history of nondisclosure and lack of transparency related to the data breaches are egregious,” Koh wrote.

“Unfortunately, the settlement agreement, proposed notice, motion for preliminary approval, and public and sealed supplemental filings continue this pattern of lack of transparency,” she added.

The case is In re: Yahoo Inc Customer Data Security Breach Litigation, U.S. District Court, Northern District of California, No. 16-md-02752.