On June 23, one of the nation’s largest health insurers agreed to pay $115 million to settle a data breach class action suit pending in the U.S. District Court for the Northern District of California. In 2015, the insurer announced that it had been hacked and that customer information had been compromised. On June 23, Plaintiffs submitted to the court a memorandum in support of the settlement. The settlement, if approved by the court, will provide almost 80,000 proposed class members with extended credit monitoring for at least two years. Additionally, the settlement will require the insurer to “implement or maintain meaningful, specific changes to its data security practices that directly address the security elements that Plaintiffs believe contributed to the breach,” including hiring independent consultants to perform annual IT risk assessments and compliance reviews, and providing the results of those audits to Plaintiffs’ counsel.