$63M OPM Data Breach Settlement

data breach settlement

A class-action lawsuit has been brought against the U.S. Office of Personnel Management (OPM) in 2014 and 2015 and its security contractor in the 2013 and 2014 data breaches that compromised sensitive personal credentials of then-current and former federal government employees and contractors alongside certain applicants for federal employment. The electronic systems breach made the credentials of approximately 22.1 million class members vulnerable.

Settlement Website:  OPMdatabreach.com
Objection Deadline: 9/9/2022
Exclusion Deadline: 9/9/2022
Claim Form: https://www.opmdatabreach.com/Home/SubmitClaim
Deadline For Submitting Claim Form: 12/23/2022
Final Hearing Date: 10/14/2022
Settlement Amount: $63 million
Potential Claim Amount: Up to $10,000

Proof Of Purchase: Plaintiffs need to properly document their claim. This can be done by enclosing or uploading sufficient documentation showing the amount of unreimbursed loss suffered and the reason why plaintiffs believe that the loss was caused by the data breaches. For money expenditure, the documentation includes emails, bank statements, receipts, invoices, or telephone records including photographs.

The documentation of compensable lost time includes pay stubs showing time off taken for attending to issues arising from the breach, other billing records, invoices, emails, or other communications or records reflecting the same. Although personal declarations or statements are not considered reasonable documentation under the settlement terms, they can help in offering greater context, clarification, or support to other submitted documentation in support of the claim.

According to the plaintiffs, the actions of OPM were in complete disregard for their privacy as it failed to place proper data security safeguards. The plaintiffs also complained about the negligent acts of Peraton which allowed hackers easy access to the security credentials used for breaching OPM’s database. Though OPM and Peraton haven’t agreed to any wrongdoing, they have decided to honor the terms of this class action lawsuit to end the ongoing litigations. OPM denied that it acted “willfully or intentionally” and the violation caused compensable losses to the plaintiffs. The terms of the settlement are expected to benefit consumers who suffered losses from the cyber-attacks and had to incur out-of-pocket expenses or lost time after 7th May 2014 due to the following:

  • To access, unfreeze or freeze a credit report with a credit reporting agency.
  • To buy a credit or identity theft protection product, credit monitoring product, or any other product or service which has been specially designed to remediate or identify the data breaches.
  • Due to the identity theft or to alleviate the identity theft incident.

OPM is a federal agency serving as the human resource for federal government personnel. It is responsible to look after insurance, retirement benefits, and other related areas concerning federal employees. Free identity theft protection and credit monitoring services have been made available by OPM to all individuals whose personal information became compromised under the data breaches. According to the settlement terms, class members submitting a valid claim form within 23rd December 2022 will become eligible for a cash payment. Each claim will be valued at the greater of $700 or the actual claim amount up to a maximum ceiling of $10000.