Time is running out to file a claim in a $190 million settlement resolving a class action lawsuit against Capital One stemming from a huge data breach in March 2019 which exposed the personal data of more than 100 million customers.

Plaintiffs in a lawsuit filed in the U.S. District Court for the Eastern District of Virginia say a hacker could not have accessed Capital One’s cloud computing systems if adequate cybersecurity protections were in place. The bank “was aware of the particular security flaws that enabled the data breach, but still failed” to protect customers, according to their complaint.

This negligence puts millions of people at risk of fraud and identity theft, they added.

Capital One did not respond to a request for comment. In a December 2021 statement, the company denied any wrongdoing, but said it was accepting payment “in the interest of avoiding the time, expense and uncertainty of ongoing litigation.”

The deal received preliminary approval on January 31. The deadline to file a claim was originally August 22, but has been extended to September 30.

Here’s what you need to know about Capital One’s settlement, including how to find out if you’re eligible for a check, how much money you could receive and how to file a claim.

Learn more about class actionsfind out if you’re eligible for money from T-Mobile’s $350 million data breach case, Apple’s $14.8 million iCloud storage settlement, or Apple’s data tracking payment $90 million from Facebook.

What happened during the Capital One data breach in 2019?

In one of the largest financial security breaches in US history, a hacker accessed the personal information of approximately 106 million Capital One customers and applicants in March 2019.

The massive hack went undiscovered for about four months before Capital One made it public in July 2019.

Seattle engineer Paige Thompson, a former Amazon cloud worker, was eventually arrested in connection with the case. In June, she was convicted of wire fraud and unauthorized access and damage to a protected computer.

Capital One said Thompson illegally gained access to personal information related to credit card applications dating from 2005 to early 2019 for personal and small business accounts.

“With some of her illegal access, she installed cryptocurrency mining software on new servers, with mining revenue going to her online wallet,” the Justice Department said in a statement. statement, adding that Thompson had used an alias to brag on social media and online forums about organizing the attack.

Thompson is due to be sentenced on September 15.

In addition to the $180 million class action lawsuit, Capital One was fined $80 million and agreed to improve its cloud security standards.

Capital One said it immediately fixed the vulnerability of its servers to forged requests when it became aware of the breach.

What was revealed in the Capital One hack?

Capital One said approximately 140,000 Social Security numbers and 80,000 U.S. bank account numbers were exposed, along with birth dates, addresses, phone numbers, credit balances, transactions and credit ratings. credit.

One million additional Canadian credit card customers and applicants have had their social insurance numbers stolen.

No login information or credit card account number was obtained by Thomas, the bank said.

Who is eligible for the Capital One settlement payment?

Some 98 million claimants and cardholders are eligible to file a valid claim, according to Capital One, which said it sent letters and emails to members whose Social Security numbers or bank account numbers were exposed in the hack.

If you think you’re eligible but haven’t received a notice, contact the Settlement Administrator at 855-604-1811 for assistance.

How much can I receive from the Capital One settlement?

a Capital One bank in New York

About 140,000 Social Security numbers and 80,000 Capital One account numbers were exposed, along with birth dates, addresses, phone numbers, credit balances, bank transactions and credit scores.

Heather Shimmin/Getty Images

Class members may collect up to $25,000 in cash for lost time and disbursements related to the breach, including unreimbursed fraud charges, money spent to prevent identity theft, and professional data security services.

You may claim up to 15 hours of lost time spent resolving the issue, at a rate of at least $25 per hour.

The settlement also provides three years of free identity protection services through the Pango Group, including identity monitoring, lost wallet protection, security freeze capabilities, dark monitoring website, free account restoration, and $1 million in identity theft and fraud insurance.

How do I file a Capital One data breach claim?

You can file online at the Class Action Settlement website. You will need the unique ID and PIN printed on the notice you received from Capital One by mail or email, as well as detailed documentation including receipts, bank statements, canceled checks and bills. (If you lost your notice or never received one, contact the Settlement Administrator at 855-604-1811.)

You can also print a paper Claim Form and mail it, along with any supporting documentation, to the Settlement Administrator at:

Capital One Data Breach
Settlement administrator
Box 4518
Portland, OR 97208–4518

What is the deadline for filing a claim?

The original deadline to file a valid claim in the Capital One case was August 22, but that deadline has been extended to September 30, 2022.

The opt-out period for the settlement to retain the right to sue separately expired on July 7.

When will band members receive their payments?

A judge has given preliminary approval for the $180 million settlement. A final approval hearing was originally scheduled for August 19, but was postponed to September 8.

Assuming the settlement receives final approval and there is no appeal, the checks could be sent soon after. We will keep you updated as new information becomes available.