Anthem $115 Million Data Breach Settlement Approved by Judge


A $115 million settlement Anthem Inc. for a data breach that exposed consumer personal data won a federal judge’s approval.

The approval finalizes one of the largest settlements in a consumer data breach case. The health insurance giant reached the settlement with about 19.1 million Anthem consumers June 23 without admitting any wrongdoing.

“The Court finds that the Settlement is fair, adequate, and reasonable,” Judge Lucy Koh of the U.S. District Court for the Northern District of California wrote in her Aug. 15 opinion.

The 2015 breach on Anthem’s system affected more than 78 million people, exposing consumers’ Social Security numbers, names, dates of birth, and health care ID numbers and other data.

The consumers in the class group showed that their personal information was stored in the data warehouse hit by hackers, Koh wrote.

Many consumer data breach class actions get settled before trial as the parties seek to reduce litigation costs and the risk of a large adverse jury settlement.

The settlement includes a pool of $15 million for consumers in the class group to claim up to $10,000 each for their out-of-pocket expenses related to correcting. The class members can also get free credit monitoring services beyond what Anthem has already offered.

In addition to the settlement fund, the health benefits company agreed to make changes to its data security procedures, including adopting encryption protocols for sensitive data.

Representatives for Anthem and the consumer class didn’t immediately respond to Bloomberg Law’s email requests for comment.

The case is In re Anthem, inc. Data Breach Litig., N.D. Cal., No. 15-md-02617, final approval 8/15/18

To contact the reporter on this story: Daniel R. Stoller in Washington at dstoller@bloomberglaw.com

To contact the editor responsible for this story: David Mark at dmark@bloomberglaw.com