In a move designed to avoid the time and costs associated with a protracted legal battle, Certegy Check Services has offered to settle a class-action lawsuit filed on behalf of 8.5 million people whose personal data was compromised by an insider theft that the company disclosed last July.
The 52-page settlement was proposed by US-based Certegy on January 9 but just came to light this week. It currently is under review by a US District Court judge.
Certegy, a check-processing company that is a subsidiary of Fidelity National Information Services, said last year that a rogue database administrator had illegally accessed and then sold the personal data of about 2.3 million consumers to data brokers. The company later upped the number of compromised accounts to 8.5 million in filings made to the US Securities and Exchange Commission in August.
If accepted, Certegy's proposed settlement would give qualifying members of the plaintiffs class one year's worth of free credit monitoring services, plus up to two year's worth of free bank account monitoring services for individuals whose banking information might have been compromised in the incident.
In addition, consumers who can show that they were victimized by identity theft as a result of the breach will be eligible for certain "out-of-pocket" costs, such as those resulting from bank overdraft fees, according to a copy of the settlement.
But there are several caveats to that particular offer. For instance, Certegy has capped the total amount of money it will pay for identity theft claims to US$4 million, which will be disbursed on a first-come, first-served basis. Claims have to be filed within 90 days of the discovery of an identity theft incident or before March 31, 2011, -- whichever comes first. And the maximum amount that an individual can recover is US$20,000.