U.S. District Judge Ada Brown granted preliminary approval of the settlement agreement between Dallas-based AT&T and customers alleging a data security breach.
The lawsuit was filed in March 2024 on behalf of 73 million class members whose data was accessed during breaches that occurred in August 2021 and March 2024.
The breaches set off a frenzy of lawyers battling for leadership positions representing the plaintiffs.
The preliminary settlement would bring an end to more than a dozen proposed class action lawsuits filed in the wake of the breaches. Judge Brown had more than 18 cases transferred to her from the U.S. Judicial Panel on Multidistrict Litigation.
Now, a year later, the proposed settlement classes and AT&T have entered into the settlement agreement, which provides for the complete dismissal of claims asserted against AT&T on the merits and with prejudice if the court grants final approval of the settlement.
AT&T collects personally identifiable information from its customers, including date of birth, addresses and Social Security numbers.
The complaint alleged the data breach was an invasion of privacy caused by AT&T’s “failure to implement adequate and reasonable cyber-security procedures and protocols necessary to protect consumers’ [personally identifiable information] from a foreseeable and preventable cyber-attack.”
One of the many plaintiffs, Alex Petroski, who resides in Ohio, claimed he spends considerable time and money on efforts to mitigate and address the harm done by the data breach.
The preliminary approval handed down last week called the agreement fair and reasonable.
The settlement is separated into two classes. Class one includes “all living persons in the United States” whose data was involved in the breach, while class two consists of AT&T account owners or end users whose data was involved in the breach.
The settlement funds consist of $149 million for the first class and $28 million for the second class.
The deadline to object is Oct. 17, and the final approval hearing is scheduled for 9 a.m. on Dec. 3.
Jeff Ostrow, managing partner at Kopelowitz Ostrow Ferguson Weiselberg Gilbert, representing the plaintiffs, declined to comment on the order.
Counsel for AT&T did not immediately respond to requests for comment.
The plaintiffs are also represented by Devlan Geddes with Goetz Baldwin & Geddes, W. Mark Lanier with The Lanier Law Firm, and Jason S. Rathod with Migliaccio and Rathod.
AT&T is represented by BakerHostetler attorneys Lisa Nicole Collins, Alexander Vitruk, C. Shawn Cleveland, Colby Millard Everett, Daniel R. Warren, Gilbert S. Keteltas, James H. Rollinson, Kamran Benjamin Ahmadian, Kyle Thomas Cutts, Tamara D. Baggett, Yameel L. Mercado Robles, Great Lakes Legal Group attorneys Ayanna Alcendor and Jehan G. Crump-Gibson, Gregg Costa with Gibson Dunn & Crutcher, Skadden, Arps, Slate, Meagher & Flom attorneys Meredith C. Slawe and Michael W. McTigue Jr.
The case is In re: AT&T Inc. Customer Security Breach Litigation, 3:24-cv-757.