Scam of the day – May 3, 2026 – Fidelity Data Breach Class Action Settlement

by | May 2, 2026 | Scam of the day

In the Scam of the day for October 14, 2024 I first told you about a data breach  at Fidelity Investments affecting 77,000 of its customers. The data breach occurred between August 17 and 19th of 2024 but was not disclosed by Fidelity until October 9th.  Sensitive personal information including names, Social Security numbers and financial account details of affected customers were compromised in the data breach.  Subsequently a class action was filed on behalf of the victims of the data breach alleging negligence on the part of Fidelity in not properly protecting its customers’ sensitive information.   The class action has now been settled.  According to terms of the settlement, eligible class members can receive up to $5,000 in compensation for actual documented monetary losses.  Alternatively, even if a class member had no out of pocket losses, they can receive a cash payment presently estimated to be $100.  All victims of the data breach will also receive identity theft protection insurance and credit monitoring, and monitoring for dark web postings related to their account.

Class members must complete an online claim form to be eligible for a payment.  The deadline for filing a claim is July 27, 2026.  Here is a link to file a claim online. https://fidelitydatasettlement.com/form/claim  A court hearing of July 9, 2026 has been set for a judge to give final approval to the settlement which is expected.

Regardless of whether you were affected by this particular data breach, we are all likely to be victims of future data breaches. So what can you do to protect yourself from data breaches that will be occurring?

TIPS

One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible although in this case investment companies do need your Social Security number for income tax reporting. However, your doctor doesn’t need your Social Security number for his or her records.

You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger.  If your information is compromised in a data breach, you should immediately change the password for that account.

If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.  However it should be noted that the malware responsible for this particular data breach is able to bypass password requirements and dual factor authentication.

Freezing your credit is also something everyone should do.  It is free and easy to do.  In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:
Everyone also should monitor their credit reports regularly for indications of identity theft.  The three major credit reporting agencies now provide free weekly access to your credit reports so you can monitor your credit reports easily on your own.  Here is the only link to use to get your free credit reports.https://www.annualcreditreport.com/index.action
Some scammers have websites that appear to offer “free” credit reports, but if you read the fine print, you often may find that you have signed up for unnecessary services.
Finally, be wary of anyone who calls you asking for personal information in regard to data breaches as that is a favorite tactic of  hackers to lure you into providing personal information that can lead to your becoming a victim of identity theft.  Scammers often pose as the breached company and contact victims of the data breach to convince them to provide personal information.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/