If You Still Use Yahoo, It Could Owe You Money Resulting from Data Breach

Published on October 14, 2019

If you are still using Yahoo as your default email provider in 2019, then we need to have some serious conversations about upgrading to a provider like Microsoft Outlook or Gmail.

Nevertheless, if you are still using the stone age email provider, and you had that account any time between 2012 and 2016, you may be eligible to take part in the legal class-action settlement to compensate you for losses as the result of a data breach back in 2012 and 2013.

Over several years, hackers were able to gain access to Yahoo user accounts, stealing private emails, calendars, and contacts in at least three documented, separate attacks. The breaches ranged in scope from two attacks in 2012, although Yahoo claims no data was taken, to a 2013 breach where hackers were able to gain access to information from more than 3 billion Yahoo accounts, stealing names, email addresses, telephone numbers, birth dates, passwords, and answers to many security questions.

A few weeks ago, Yahoo announced that if you had an account any time between January 1, 2012 and December 31, 2016, and are a resident of the U.S. or Israel, you are part of the settlement class and can file a claim for part of the $117,500,000. In other words, you may be entitled to at least $358 as part of the settlement.

What You Should Expect from the Settlement

The settlement provides a range of benefits to compensate those whose data was compromised in a hack. You can submit claims for money and credit monitoring:

  • At least two years of credit monitoring services provided by AllClearID. The service includes identity theft monitoring, up to $1 million in theft insurance and identity recovery assistant.
  • A cash payment if you already have credit monitoring and protection services. Yahoo said the payment could range from less that $100  to a max of $358.80, depending on funds available after other benefit payouts.
  • Cash reimbursement up to $25,000 to cover out-of-pocket costs to address fraud and identity theft as a result of a breach. You can also file a claim to be compensated for up to 15 hours of your time spent recovering from a breach.
  • A refund up to 25 percent of the amount you paid for a premium Yahoo account.
  • A refund up to 25 percent of the amount you paid for a Yahoo Small Business User email service, with a cap of $500 a year.

What You Need to Do

If you qualify as part of the class-action, you can contact the settlement administrator if you want to confirm you can take part in the settlement. A qualifying Yahoo account includes ones with Yahoo Fantasy Sports, Yahoo Finance, Tumblr and Flickr.

You can submit claims as a basic account holder, a paid user and a small business user. Israeli citizens must submit a separate claim form.

The settlement website has separate forms for each type of claim.

You need to submit all claim forms — either online or postmarked by mail — by July 20, 2020. The settlement is pending final court approval set for April 2, 2020.

In the meantime, in addition to the recent DoorDash data breach, here’s a running list the recent major data breaches and more on what to do if you are part of a data breach.

And for the love of god, please change your email provider and use something with some basic form of security.

Case Information

United States District Court Northern District of California San Jose Division
Case No. 5:16-MD-02752-LHK

Andrew "Drew" Rossow is a former contract editor at Grit Daily.

Read more

More GD News