In the span of four years, Yahoo! has been subject to three data breaches, the first discovered in August 2013, another in 2014, and the last one in July 2016. Compromised data included much of the personal info of its users, such as their names, contact information, dates of birth, and passwords. With more than 3 billion users affected by the breaches, it was then discovered that several of the compromised accounts were found for sale on the dark web. It's one of the biggest data breaches in internet history.
While an initial settlement was rejected last January, a 117.5 million USD settlement has been proposed to compensate Yahoo! users affected by the breaches. In a statement released by Morgan & Morgan published on the Yahoo! site, there are several options that affected users can avail of as compensation for the damages caused by the breaches.
If you are a resident of the United States or Israel, and...
- ...you received an email from Yahoo! about the data breaches, and/or;
- ...you had a Yahoo! account between January 1, 2012 and December 31, 2016
Then you are a "Settlement Class Member" and are entitled to either:
- A minimum of two years of Credit Monitoring Services, or
- Cash payment, if you already have Credit Monitoring Services, up to 358.80 USD (depending on the number of those that opt-in
In addition, the settlement also covers out-of-pocket costs and/or loss of time, as well as partial reimbursement for costs paid for Yahoo!'s premium and small business services, as a result of the data breaches. In this case, up to 25,000 USD may be reimbursed, given that the proper documentation and proof are provided.
Filing of claims must be done before July 20, 2020. If you prefer to reserve the right to pursue legal action against Yahoo! in the future with regards to the data breaches, you can opt-out of the settlement by March 6, 2020.
For full details as to the proposed settlement, your legal rights and options in the settlement, and filing for compensation, visit the official website here. You can either print out the claim forms and file the documents via mail or file the documents online through the website.
To check whether your email account was compromised in other data breaches aside from Yahoo!, you can type your email into this site to get detailed information on any possible breaches that might have affected you.
With these threats to cybersecurity, there are several safeguards that users can use to ensure minimizing the risk of damage from breaches. For example, enabling two-factor authentication allows you to confirm whether it's you that's actually accessing your account, and if not, you can see where it's being accessed from.
A habit of changing passwords every few months would also help, as well as using different passwords for each website to ensure that one data breach doesn't affect all your other accounts.