If the settlement is approved by California courts, Yahoo could divvy up more than $117.5 million among users whose names, email addresses and passwords were stolen.
Eligible users can submit claims at Yahoodatabreachsettlement.com to receive at least two years of free credit monitoring services by AllClear ID.
If consumers can verify that they already use a credit monitoring service that they'll keep for at least a year, they can submit a claim for $100 instead. The true amount may be more than that -- up to $358 -- but it will likely be less, depending on how many people submit claims. File your yahoo claim here.
In 2016, Yahoo disclosed two massive data breaches: One in 2013, when an unauthorized third party stole user data, and another in 2014, the work of a "state-sponsored actor," the company said.
Sensitive financial data like bank account numbers and credit card information weren't believed to be stolen in the attack, but emails and passwords were.
Users were urged to immediately change their passwords and security questions -- key steps in protecting online accounts from similar attacks.
You're a member of the settlement class if:
- You had a Yahoo account between January 1, 2012 and December 31, 2016
- You received a notice about the data breaches
- You're a resident of the US or Israel
If you're eligible, you can submit a claim to receive at least two years of free credit monitoring services or collect $100.
You could earn up to $25,000, too, if you provide proof of out-of-pocket losses or loss of time during the data breaches.
How long will it take to settle?
The approval process could take more than a year. California courts will hear two cases to approve the settlement, with the final fairness hearing in April 2020, and no payments will be made until then.
All claim forms must be filed online or mailed no later than July 20, 2020.