The cyber incident resulted in significant financial implications for Infosys, including loss of contracted revenues and approximately $38 million in costs related to remediation, restoration, communication efforts, investigative processes, analysis, and legal services. Indian technology giant Infosys Limited has agreed to pay $17.5 million to settle six class action lawsuits from a significant data breach at its U.S. subsidiary, Infosys McCamish Systems LLC (McCamish). The settlement, announced on March 14, 2025, resolves allegations related to a cybersecurity incident that compromised the personal information of approximately 6.5 million individuals across the United States. The cyber incident between October 29 and November 2, 2023, involved unauthorized access to McCamish’s systems, followed by data exfiltration and ransomware deployment. In April 2024, McCamish reported that approximately 6.5 million individuals were affected by the data breach, a substantial increase from the initially reported figure of 57,000. In a regulatory filing with the Securities and Exchange Commission (SEC), Infosys disclosed that McCamish and the plaintiffs engaged in mediation on March 13, 2025, resulting in an agreement in principle. Following the breach, McCamish implemented comprehensive incident response protocols, working with cybersecurity experts to mitigate the compromise. Under the proposed settlement terms, McCamish will pay $17.5 million into a fund to resolve all pending litigation. The cybersecurity incident significantly impacted McCamish, specializing in life insurance and retirement software solutions for the U.S. market. This settlement comes amid increasing regulatory scrutiny and financial penalties related to data breaches across various industries. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 21 Mar 2025 09:45:15 +0000