Home Depot Settles Consumer Lawsuit for $13M Over Data Breach
The home improvement retailer also agreed to pay $6.5 million to fund 1-1/2 years of identity protection services for card holders, and take steps to improve data security.
Terms of the preliminary settlement were disclosed in papers filed on Monday with the federal court in Atlanta, where Home Depot is based.
Court approval is required, and Home Depot did not admit wrongdoing or liability in agreeing to settle.
The company also agreed to pay legal fees of the plaintiffs’ lawyers, on top of the settlement fund.
“We wanted to put the litigation behind us, and this was the most expeditious path,” Home Depot spokesman Stephen Holmes said. “Customers were never responsible for any fraudulent charges.”
According to court papers, the settlement covers about 40 million people who had payment card data stolen, and 52 million to 53 million people who had email addresses stolen, with some overlap between the two groups.
The $13 million will compensate consumers with documented out-of-pocket losses or unreimbursed charges.
Home Depot has said the breach affected people who used payment cards on its self-checkout lines in U.S. and Canadian stores between April and September 2014.
In November, Home Depot said it had incurred $152 million of expenses from the breach, after accounting for expected insurance proceeds.
(Reporting by Jonathan Stempel in New York; Additional reporting by Nate Raymond; Editing by Chris Reese)
- Coming Soon to Florida: New State-Fed Program to Elevate Homes in Flood Zones
- Jane Street-Millennium Trade Secrets Fight Ends in Settlement
- Ruling on Field Stands: Philadelphia Eagles Denied Covid-19 Insurance Claim
- Nearly 1,000 Feared Dead After Cyclone Hits France’s Mayotte