Capital One Settles Class-Action Cyber Lawsuit for $190 Million
(Bloomberg) -- Capital One Financial Corp. agreed to pay $190 million to settle a class-action lawsuit that customers filed against the firm after a hacker broke into its cloud-computing systems and stole their personal information.
Representatives for those customers, Capital One and Amazon Web Services -- the lender’s cloud provider -- jointly asked Judge Anthony Trenga to pause proceedings while the court evaluates the agreement. The settlement will cover 98 million Americans, and Capital One said it is fully reserved for the amount.
“While Capital One and AWS deny all liability, in the interest of avoiding the time, expense and uncertainty of continued litigation, plaintiffs and Capital One have executed a term sheet containing the essential terms of a class settlement that, if approved by this court, will fully resolve all claims brought by plaintiffs,” according to a filing with the U.S. District Court for the Eastern District of Virginia.
In July 2019, Capital One announced data from about 100 million people in the U.S. was illegally accessed. Federal prosecutors ultimately arrested Paige A. Thompson, a former Amazon cloud employee, for breaking into the bank’s server.
“The key facts in this case have not changed since we announced the event in coordination with federal authorities more than two years ago: the hacker was arrested and the stolen data was simultaneously recovered before it could be disseminated or used for fraudulent purposes,” Capital One said in an emailed statement Thursday. “We are pleased to have reached an agreement that will resolve the consumer class litigation in the U.S.”
Capital One has remained one of the financial industry’s earliest and biggest proponents of cloud technology, and last year finished exiting its data centers. The McLean, Virginia-based firm, which also has been investing in cybersecurity, last year poached Andy Ozment to become one its leading information-security executives.
©2021 Bloomberg L.P.