Thousands of bank customers across the US could qualify for compensation from a new data breach settlement, with some eligible to receive payments worth up to $12,500. People affected by the cyberattack are being encouraged to submit claim forms before the deadline later this summer.
Union Bank and Trust Agreed to $2.4 Million Settlement
Union Bank and Trust Co. agreed to pay $2.4 million to settle claims connected to a data breach involving file transfer software provider MOVEit. According to court documents, hackers illegally accessed customer information during a cyberattack that took place between May 27 and May 31, 2023.
The breach reportedly exposed sensitive personal data, including Social Security numbers and customer names. Plaintiffs claimed the bank failed to properly protect customer information and argued stronger cybersecurity systems could have prevented the breach.
Union Bank and Trust denied wrongdoing and denied liability but agreed to settle the lawsuit to avoid further legal costs and court proceedings. The case follows a growing number of lawsuits linked to the MOVEit cyberattack, which affected businesses, banks and organisations across the United States.
Customers Could Receive Thousands in Compensation
Under the settlement agreement, eligible class members can apply for several different forms of compensation depending on losses connected to the breach. Customers can claim up to $2,500 for ordinary documented losses linked to fraud, identity theft, bank fees or other expenses caused by the incident.
Class members may also receive compensation for time spent dealing with problems related to the breach, including time spent monitoring accounts or resolving fraud issues. People who experienced more serious financial harm may qualify for up to $10,000 in extraordinary losses if they provide documented proof supporting the claim.
Combined claims could allow some customers to receive payments totalling $12,500.
Free Credit Monitoring Included in the Settlement
In addition to financial compensation, all eligible class members can receive two years of three-bureau credit monitoring and identity theft protection services. Settlement administrators have already begun contacting affected customers directly with details explaining how to submit claims.
People who believe they qualify but have not received notice may still be able to file claims if they meet eligibility requirements connected to the breach period.
Customers Must File Claims Before July Deadline
Claim forms must be submitted before July 21, 2026. The settlement still requires final court approval, with a hearing currently scheduled for August 6. If approved, payments and identity protection services will be distributed to eligible customers afterwards.
Large-scale cyberattacks continue generating major legal settlements as companies face increasing scrutiny over data security and customer privacy protections. The MOVEit breach alone triggered lawsuits involving several major organisations, including financial institutions and healthcare providers.
As cyberattacks continue increasing nationwide, experts are encouraging consumers to monitor accounts carefully and review any notices linked to recent data breaches.
