Find Out if You Qualify for Money From Capital One’s $190 Million Cyberattack Settlement

id=”article-body” class=”row” section=”article-body” data-component=”trackCWV”>

After a  in 2019 that exposed more than 100 million customers’ personal data, Capital One agreed to settle a class action complaint for $190 million. A federal judge granted the deal final approval on Sept. 8. The time to file a claim — and get your piece of the payout — is quickly running out, though.

Capital One “knew of the particular security vulnerabilities that permitted the data breach” but still failed to protect customers, according to the complaint, filed in US District Court for the Eastern District of Virginia. The plaintiffs argued that a hacker would have been prevented from accessing Capital One’s cloud computing systems if adequate cybersecurity protections were in place and that Capital One’s negligence put millions of people at risk for fraud and identity theft.

The original deadline to file a claim with Capital One was Aug. 22 but it was extended to Sept. 30.

Capital One didn’t respond to a request for comment. The company has denied any wrongdoing and said in a statement it was  “in the interest of avoiding the time, expense and uncertainty of continued litigation.”

Here’s what you need to know about the Capital One settlement, including how to find out if you’re eligible for a check, how much money you could receive and how to file a claim.

For more on class-action cases, find out if you’re eligible for money from data breach case, storage settlement or Sara Lee’s

What happened in the 2019 Capital One data breach?

<div class="videoPlayer " data-component="videoPlayer" data-video-player-options='{"config":{"policies":{"default":11417438},"tracking":{"can_partner_id":"canPartnerID","comscore_id":"3000085","comscore_home":"3000085","comscore_how_to":"3000078","comscore_news":"3000078","comscore_reviews":"3000087","comscore_videos":"3000088","comscore_sense_id":"cnetvideo","comscore_sense_home":"cnethome","comscore_sense_how_to":"cnethowto","comscore_sense_news":"cnetnews","comscore_sense_reviews":"cnetreviews","comscore_sense_videos":"cnetvideo","nielsen_cid":"us-200330","nielsen_vcid":"c07","nielsen_vcid_reviews":"c05","nielsen_vcid_home":"c07","nielsen_vcid_news":"c08","nielsen_vcid_how_to":"c09","nielsen_vcid_videos":"c20"},"uvpConfig":{"mpx_account":"kYEXFC"}},"playlist":[{"id":"19a83ca0-c859-4394-a145-6c5ccd704fc7","title":"Capital One\u0027s data breach and how criminals could use the stolen data","description":"From The Daily Charge: Personal information stolen includes Social Security numbers, names, addresses and dates of birth.","slug":"capital-ones-data-breach-and-how-hackers-could-use-the-stolen-data","chapters":{"data":[],"paging":{"total":0,"limit":15,"offset":0}},"datePublished":"2019-07-30 16:55:00","duration":110,"mpxRefId":"3sNZ89MoFXYuam_EgUUu0fAmsem1ld9_","ratingVChip":"TV-14","primaryTopic":{"id":"1c1fbb47-c387-11e2-8208-0291187b029a"},"author":{"id":"","firstName":"","lastName":""},"primaryCollection":{"id":"040fa0bc-bf08-43dc-ac3d-ee7869a9fc85","title":"CNET News website

In one of the largest financial security breaches in US history, a  of about 106 million Capital One customers and applicants in March 2019. The massive hack went undiscovered until July 2019.  

Seattle engineer Paige Thompson, a former Amazon cloud employee, was ultimately arrested in connection with the case. In June, of wire fraud and unauthorized access and damages to a protected computer. 

Capital One said Thompson illegally gained access to personal information related to credit card applications dating between 2005 and early 2019 for both personal and small-business accounts. 

“With some of her illegal access, she planted cryptocurrency mining software on new servers with the income from the mining going to her online wallet,” the Department of Justice , adding that Thompson used an alias to brag on social media and online forums about masterminding the attack.Thompson is scheduled for sentencing on Sept. 15.

In addition to the $180 million class action lawsuit, Capital One was fined $80 million and agreed to enhance its cloud security standards. Capital One said it immediately fixed its servers’ vulnerability to forged requests when it became aware of the breach. 

What was exposed in the Capital One hack?

 about 140,000 Social Security numbers and 80,000 US bank account numbers were exposed, as were birth dates, addresses, phone numbers, credit balances, transactions and credit scores.

An additional 1 million Canadian credit card customers and applicants had their Social Insurance Numbers stolen.

No login information or credit card account numbers were obtained by Thomas, the bank said. 

Who is eligible for payment from the Capital One settlement? 

Some 98 million applicants and cardholders are eligible to file a valid claim, , which said it sent letters and emails to members whose Social Security numbers or bank account numbers were exposed in the hack. If you think you’re eligible but did not receive a notice, contact the settlement administrator at 855-604-1811 for assistance.

How much can I receive from the Capital One settlement?

a Capital One bank in New York Citya Capital One bank in New York City

About 140,000 Social Security numbers and 80,000 Capital One account numbers were exposed, along with birth dates, addresses, phone numbers, credit balances, bank transactions and credit scores.

Heather Shimmin/Getty Images

Class members can collect up to $25,000 in cash for lost time and out-of-pocket expenditures relating to the breach, including unreimbursed fraud charges, money spent and fees to professional data security services.

You can claim up to 15 hours of lost time spent addressing the issue, at a rate of at least $25 per hour. 

The settlement also provides three years of free identity protection services through the Pango Group, including identity monitoring, lost wallet protection, , dark-web monitoring, free account restoration, and $1 million in identity theft and fraud insurance. 

How do I file a claim in the Capital One data breach case?

You can file online at . You’ll need the Unique ID and PIN printed on the notice you received from Capital One in the mail or via email, along with detailed documentation, including receipts, bank statements, voided checks and ordinance invoices. (If you lost your notice or never received one, contact the settlement administrator at 855-604-1811.)

You can also print out a  and mail it in, along with any supporting documentation, to the settlement administrator at:

Capital One Data Breach

Settlement Administrator

P.O. Box 4518

Portland, OR 97208-4518

When is the deadline to file a claim?

The original deadline to file a valid claim in the Capital One case was Aug. 22 but that deadline has been extended to Sept. 30, 2022.

The deadline for exclusion from the settlement in order to retain the right to pursue separate legal action expired on July 7. 

When will class members receive their payments?

The settlement was given final approval on Sept. 8, but there may still be appeals that slow the process down. The settlement administrator will notify claimants about the timeline for payments.Payments will be made by either direct deposit or paper check, depending on the method selected.