MGM Resorts has agreed to settle a class-action lawsuit for $45 million following two significant data breaches that affected approximately 37 million individuals. The breaches, which occurred in 2019 and 2023, exposed sensitive customer information, including driver’s license numbers, passport details, and personal addresses. In the 2019 breach, hackers stole critical data, while the 2023 incident involved a ransomware attack that disrupted MGM’s key systems for several days. Plaintiffs’ attorneys allege that during both incidents, hackers accessed and compromised valuable customer information.
As part of the settlement, eligible individuals may receive up to $15,000 each, in addition to tiered cash payments ranging from $20 to $75, depending on the severity of the data exposure. Additionally, the settlement includes one year of financial account monitoring to help protect against identity theft. To qualify for compensation, class members must provide documentation of losses related to the data breaches, such as unreimbursed expenses from identity theft or credit repair services. This settlement aims to provide compensation and support to those impacted by these breaches.
This blog is intended to provide information to the general public and to practitioners about developments that may impact Oregon class actions.
