The USAA data breach settlement has garnered massive attention after a $3.25 million class-action lawsuit for a 2021 data breach. The data breach exposed personal information of 22,000 customers due to system vulnerability that enabled unauthorized access to motor vehicle records. Even though USAA denies any wrongdoing, it has filed to settle to avoid further action.
Those who are affected by the breach must file their claims by April 7, 2025, to be eligible for compensation. If they don’t, they forfeit their right to any monetary award and also lose their right to sue USAA on this matter in the future.
The USAA Data Breach: A Quick Overview
In May 2021, USAA had a cybersecurity attack when unauthorized individuals gained access to personal data from its database. The breach resulted from a flaw in its automated system, wherein customer data was being inputted into insurance quote forms.
One of the victims, Vincent Dolan, learned that his private data had been compromised when a person he did not know opened an account under his name. After learning about the breach, Dolan sued USAA, sparking a three-year legal battle that ended in the $3.25 million settlement.
Why Did USAA Settle?
USAA maintains that it did nothing wrong but opted to settle for $3.25 million to avoid the expense of extended litigation. USAA included that cyberattacks were epidemic in 2021 and that this incident was one of a chain of security incidents.
The settlement provides restitution to affected customers while allowing USAA to close the issue without additional legal costs or damage to its reputation.
Who Is Covered?
To qualify for a USAA data breach settlement payout, customers must:
- Received an official notice via email or letter.
- Enter their claimant ID number and confirmation code in the notice.
- Submit their claim by April 7, 2025.
Settlement Payment and Compensation
The $3.25 million settlement fund will be distributed and it will be distributed to the lead plaintiff, Vincent Dolan, who will receive between $5,000 and $10,000. Attorney fees will be $35,000, plus a maximum of one-third of the settlement fund (approximately $1.08 million). The remaining amount will go to qualified claimants. If there are surplus funds after compensating claims, qualified customers might receive further compensation over and above the initial compensation.
USAA’s Response to the Data Breach
While USAA agreed to the settlement, the firm continues to hold that it was not responsible for causing the data breach. Through a statement, USAA attributed cyberattacks that circulated across the world in 2021.
As measures to buffer the impacts of the breach, USAA did the following:
- Notifying the involved customers at once about the breach.
- Providing free identity theft protection services for them.
- Implementing tighter cybersecurity measures to prevent future breaches.
What Happens If You Miss the Deadline?
If customers fail to file a claim by April 7, 2025, they will:
- Forfeit the financial compensation right from the settlement.
- Be denied their right to sue USAA for this accident in the future.
- While late claimants will receive payment, this will only happen if the settlement administrator can find them individually.
How to File a Claim
To receive compensation, affected customers are required to:
- Visit the official settlement website.
- Enter their claimant ID and validation code from the notice.
- Submit their claim by April 7, 2025.
- They will be paid in paper checks, which will be good for 60 days from the issue date.
Cybersecurity Threats and Lessons Learned
The USAA data breach settlement serves as a reminder of the ever-growing risks that come with cybersecurity threats. Data breaches have become more prevalent and sophisticated over the last few years, with both firms and consumers being affected.
To protect personal data, companies and individuals must take cybersecurity seriously. Some key takeaways from the USAA data breach are listed below:
For Companies:
- Enhance data security protocols to prevent future breaches.
- Periodically check for vulnerabilities in cybersecurity systems.
- Have multi-layered security systems to protect sensitive data.
For Consumers:
- Monitor personal data for unauthorized access.
- Employ strong, unique passwords to protect online accounts.
- Consider identity protection services to protect personal data.
Final Thoughts
The USAA data breach settlement provides impacted customers with an opportunity to be paid, but they have to move before April 7, 2025. Failure to do so results in the loss of a payout opportunity and the right to pursue litigation in the future.
Cybersecurity is also a growing threat, and businesses must give priority to keeping data secure in order to avoid such incidents. As customers, caution and locking down one’s own information is the best shield against cyber attacks in the computer age.
