Anthem has reached a settlement to completely resolve the multidistrict class action litigation brought against Anthem and other defendants relating to the 2015 cyber attack. Under the settlement, which the court granted final approval to on August 15, 2018, Anthem does not admit any wrongdoing or acknowledge that any individuals were harmed as a result of the cyber attack. Nevertheless, we are pleased to be putting this litigation behind us, and to be providing additional benefits to individuals whose data was impacted in the cyber attack.
When Anthem discovered the cyber attack in 2015, the company offered two years of credit monitoring and identity protection services to all individuals whose data may have been impacted. As part of this final resolution of the litigation, class members can receive at least two additional years of credit monitoring and identity protection services, along with other significant benefits.
Anthem agreed to pay a total of $115 million to resolve the litigation. Those funds will pay for the additional years of credit monitoring and identity protection services, and will also benefit class members in several other ways. In particular, while there is no evidence that any data impacted by the cyber attack has ever been sold or used to commit fraud, Anthem has agreed that at least $15 million of the fund will be allocated to pay actual out-of-pocket costs, up to a set amount, that class members claim they incurred due to the cyber attack. Class members who already have credit services also could submit a claim to receive alternative cash compensation instead of receiving the credit services provided by the settlement. The costs of sending notice to class members, administering claims, and the class members’ attorneys’ fees are also included in this total amount.
Anthem has had, for many years, a strong information security program to protect the personal data entrusted to us. As we have seen in cyber attacks against governments and private sector companies including Anthem over the past few years, many cyber threat actors are increasingly sophisticated and determined adversaries. Anthem is determined to do its part to prevent future attacks. To that end, as part of the settlement, Anthem has agreed to continue the significant information security practice changes that we undertook in the wake of the cyber attack, and we have agreed to implement additional protections over the next three years.
A third-party settlement administrator is managing the settlement, overseen by the court in this litigation. The settlement administrator is the best resource for questions pertaining to the settlement, including how to submit claims for out-of-pocket costs. The settlement administrator set up a website,www.DataBreach-Settlement.com, as well as a customer service line at 1-855-636-6136 regarding this settlement.
A third-party settlement administrator will manage the settlement, which will be overseen by the court in this litigation. The settlement administrator will be the best resource for questions pertaining to the settlement. The settlement administrator set up a website, www.DataBreach-Settlement.com, as well as a customer service line at 1-855-636-6136 regarding this settlement.