Judge rejects TD Ameritrade data theft settlement

A federal judge has refused to approve a class-action settlement over contact information stolen from online brokerage TD Ameritrade. U.S. District Judge Vaughn Walker in San Francisco says the deal offers little significant benefit to the more than 6 million current and former customers affected. The proposed deal offered anti-spam software and a promise of tighter security at TD Ameritrade.

Walker rejected the deal in an order filed Friday, despite giving it preliminary approval earlier this year. He said the deal appeared to do more for Ameritrade and for the plaintiffs' lawyers, who were set to receive nearly $1.9 million in legal fees, than it did for the victims.

Anyone who held an Ameritrade account or provided an e-mail address to the company before Sept. 14, 2007, could have benefited from the settlement if it had been approved. The breached database included information on 6.2 million current and former customers.

Ameritrade spokeswoman Kim Hillyer said Monday the company was disappointed in the ruling. "What we offered the clients directly addressed the issue of unwanted spam," she said.

Hillyer and one of the lead plaintiff's attorneys, Scott Kamber, both said Monday they felt the settlement did provide a meaningful benefit to members of the class. "We remain committed to ensuring that the class realizes a benefit as a result of this litigation," Kamber said.

The three main benefits Ameritrade promised in the proposed settlement were to hire someone to test its security systems, to retain an outside expert to check for evidence of widespread identity theft, and to cover the cost of one year of anti-spam service for the victims. "Of these purported benefits, the first and second seem to benefit the company more than the class," Walker wrote.

In his ruling, Walker cited concerns about the settlement that had been previously raised by the Texas Attorney General's Office and a former named plaintiff in the case.
But the Texas Attorney General's Office had endorsed the proposed settlement because changes were made in response to its objections.

Ameritrade officials have said the data theft has not been linked to cases of identity theft. The company did store sensitive information, including Social Security numbers and account numbers, in the database that was hacked. But officials have said that information does not appear to have been taken.

Ameritrade hired ID Analytics, which has expertise in identity theft, to help investigate. ID Analytics has checked Ameritrade's customer data against other databases four times and found no evidence of organized identity theft. The settlement called for ID Analytics to provide at least one more check after the deal gets final approval.

Ameritrade has not admitted any wrongdoing in the settlement. And Ameritrade officials have said that insurance would have covered much of the cost of the proposed settlement, so the deal was not expected to affect the company's earnings materially. The Omaha-based company is scheduled to release its fourth-quarter earnings report Tuesday.

A hearing has been scheduled for Dec. 10 to determine what will happen next in the data breach case. Both Ameritrade and the plaintiffs' attorney said Monday they were evaluating their options and had not decided how to proceed.