Anthem Inc. has reportedly agreed to pay a settlement of $115 million to its customers that were affected by what is being called one of the largest data breaches in U.S. history.
The settlement is reportedly the largest ever to result from a data breach in the United States and would end a class action lawsuit that commenced after the 2015 breach. Using a stolen password, hackers were able to break into an Anthem database and steal close to 80 million records containing sensitive information belonging to former and current customers, including customer names, dates of birth, physical and email addresses, medical IDs, and Social Security numbers.
Anthem does not admit fault as part of the settlement. “Defendants deny any wrongdoing whatsoever, and this Agreement shall in no event be construed or deemed to be evidence of or an admission or concession on the part of any Defendant with respect to any claim of any fault or liability or wrongdoing or damage whatsoever,” the settlement says.
However, as part of the settlement Anthem agrees to guarantee a certain level of funding for “information security to implement or maintain numerous specific changes to its data security systems, including encryption of certain information and archiving sensitive data with strict access controls,” the plaintiff attorneys said.
Before it is finalized, the settlement is subject to a judge’s approval. U.S. District Court Judge Lucy Koh is scheduled to hear the case on August 17, 2017 in San Jose, California.