Experian/T-Mobile Data Breach Lawsuit
About the Experian Data Breach
On October 1, 2015, Experian announced that computer hackers infiltrated a server holding highly sensitive information for 15 million U.S. consumers.
The breach involved personal information including Social Security numbers, military ID numbers, passport numbers, names, and addresses.
The data was from consumers who applied for T-Mobile mobile phone service from September 1, 2013 to September 16, 2015. T-Mobile routed the information to Experian during the credit approval process.
About the Litigation
Over 40 class action complaints were filed across the country. All cases were transferred to and consolidated in the U.S. District Court for the Central District of California.
The Court appointed Berger Montague as one of several firms charged with litigating the case on behalf of the class.
On April 15, 2016, a Consolidated Class Action Complaint was filed. A copy of the Complaint is available here. The Complaint included claims for failing to implement and maintain adequate data security practices to safeguard personally identifiable information (PII), and failing to detect the breach in a timely manner.
On December 29, 2016, the Court rejected in large part Experian’s motion to dismiss the case. A copy of the Order is available here.
The case then proceeded to the discovery phase.
About the Settlement
After several years of hard-fought litigation, the parties reached an agreement to settle the case. The Court granted final approval of the settlement on May 13, 2019.
The settlement is valued at over $170 million. It consisted of $22 million for a non-reversionary cash Settlement Fund; $11.7 million for Experian’s remedial measures implemented in connection with the lawsuit; and two years of free credit monitoring and identity theft insurance. The aggregate value of credit monitoring claimed by class members during the claims submission process exceeded $138 million, based on a $19.99 per month retail value of the service.
Under the settlement, Class Members were entitled to recover the following cash payments:
- Reimbursements of fraud losses;
- Reimbursements of costs incurred in responding to the Data Breach; and
- Compensation for time spent in connection with the Data Breach, calculated at $20 per hour and capped at 2 hours for undocumented time or 7 hours for documented time.
In approving the settlement, the Court commented that it was an “excellent result” for the class.
Further information about the settlement is available at http://www.expdatabreachsettlement.com/.
About Class Counsel
The Court appointed the following law firms to represent the class:
- Ahdoot & Wolfson, PC (http://ahdootwolfson.com/)
- Robinson Calcagnie Robinson Shapiro Davis, Inc. (https://www.robinsonfirm.com/)
Plaintiffs’ Executive Committee:
- Berger Montague PC
- Girard Gibbs LLP
- Keller Rohrback LLP
- Zimmerman Reed
- Locks Law Firm
- Feinstein, Doyle, Payne & Kravec, LLC