Yahoo Hack Victims Line Up To Get $100 (Or Less) For Historic Hack

from the timid-and-pointless dept

It seems like only yesterday that we learned of the historic hack of Yahoo, resulting in the leaked data of more than 500,000 subscribers. Granted, like most hack stories, it didn’t take long before we learned that the impacted number of subscribers was far far larger, with in fact several different hacks resulting in the leaked data of roughly 3 billion potential users, or pretty much everybody that had ever used the service.

Granted like other similar hacks, the $117.5 million settlement “holding Yahoo accountable” didn’t do anything of the sort. The settlement website has gone live, and is informing impacted users that they may be entitled to $100 as a result of the breach. Of course, just like the flimsy Equifax hack and settlement, users are also being told that they shouldn’t actually expect to get that money depending on the number of folks interested in actually being compensated:

“Settlement Class Members are encouraged to submit a claim to receive a minimum of two years of future Credit Monitoring Services. If you already have Credit Monitoring Services, you may still sign up for this additional protection. Alternatively, if you verify that you already have a credit monitoring service that you will keep for at least one year, you may submit a claim for a cash payment of $100.00 instead of receiving Credit Monitoring Services through the Settlement. Payment for such a claim may be less than $100.00 or more (up to $358.80) depending on how many Settlement Class Members participate in the Settlement.”

That $358 tally is never going to happen given people like free money. Much like the “historic” settlement in the Equifax case, users are being promised either free credit reporting software or a cash payout the settlement isn’t robust enough to actually support. But as we’ve noted previously, credit reporting is largely a useless perk; it’s already been given away free as the result of an endless series of previous similar hacks, and it’s usually only included in these kinds of cases to give the illusion of a fatter pot, letting feckless regulators proclaim “record” settlements.

At least in this case, the Yahoo settlement makes it clear you probably won’t be getting that full $100, something the Equifax settlement administrators and the FTC only revealed after the fact while proclaiming “surprise” at the number of people eager to be modestly compensated.

As it stands, the option to nab either worthless credit monitoring (or cash you probably won’t actually see) is available to US or Israeli residents who had a free Yahoo account at any time between January 1, 2012 and December 31, 2016. Like the Equifax settlement users may also be eligible for up to $25,000 if they can prove the hack directly resulted in financial harm via identity theft (no easy feat). The settlement is still pending final approval, but impacted users must make their claim for free credit monitoring or a cash payout by July 20, 2020.

Ultimately, no matter how many times regulators proclaim these kinds of settlements involve “record” financial tallies, they’re doing little to nothing to either aid users, or hold companies accountable for making securing private user data an afterthought.

Filed Under: , , , ,
Companies: yahoo

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Yahoo Hack Victims Line Up To Get $100 (Or Less) For Historic Hack”

Subscribe: RSS Leave a comment
Anonymous Coward says:

"That $358 tally is never going to happen given people like free money."

Free money? I think they’ve already paid a hefty price for that money.

And I think that your personal data is worth more than 100 USD, tbh. In fact, a breach like this should bankrupt Yahoo itself, and even bring legal responsibilities on its management, administrators and why not, even their stake holders.

Limited responsibility shouldn’t cover negligence, tbh.

Leave a Reply to Anonymous Coward Cancel reply

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...