See if you qualify for Fidelity’s $2.5M data breach settlement and learn how to fight identity theft

Eligible customers could receive as much as $5,000 from investment giant Fidelity.

Skip Navigation

Our top picks of timely offers from our partners

More detailsQuickBooksLearn MoreTerms ApplyPaid PlacementQuickBooksTrack your expenses with QuickBooks – 50% off 3 months when you buy nowTaxSlayerLearn MoreTerms ApplyPaid PlacementTaxSlayer25% off Your Federal Tax Return at TaxSlayer.com with code CNBC25MonarchLearn MoreTerms ApplyMonarchOur top pick for being easy to use, Monarch‘s budgeting app is 50% off your first year of Core Plan with code CNBC50BluevineLearn MoreTerms ApplyBluevineBluevine offers fast funding options for your small businessSBG FundingLearn MoreTerms ApplySBG FundingFast and flexible financing options for your small businessSelect independently determines what we cover and recommend. We earn a commission from affiliate partners on many offers and links. This commission may impact how and where certain products appear on this site (including, for example, the order in which they appear). Read more about Select on CNBC, and click here to read our full advertiser disclosure.

If you’re a Fidelity Investments customer, you may be eligible for a payout stemming from the financial giant’s recent $2.5 million data breach settlement.

Fidelity and its subsidiary, Fidelity Brokerage Services agreed to the deal on May 13, closing the door on a lawsuit alleging the investment giant failed to both adequately prevent a cyberattack and alert members to its existence after the fact.

  • Settlement amount: $2.5 million
  • Claim deadline: July 27, 2026
  • Maximum reimbursement: Up to $5,000
  • Estimated cash payment: About $100-$150
  • Credit monitoring: Two years
  • Final approval: July 9, 2026

In their complaint, the plaintiffs alleged that Fidelity detected suspicious activity on its network between Aug. 17 and 19, 2024, but waited almost two months before notifying customers. Calling the breach “preventable,” they claimed Fidelity’s “inadequately secured computer systems” allowed the attackers to gain entry.

According to their filing, some 77,099 individuals had data compromised, including “particularly sensitive and high-risk information,” such as Social Security numbers, driver’s licenses and financial account information. Court documents indicate approximately 86,000 more customers whose bank account and routing numbers were exposed may also be eligible for the settlement, even if they weren’t directly notified.

The plaintiffs allege that, as a result of the breach, they suffered fraud, lower credit scores and the exposure of their personally identifiable information (PII) on the dark web.

Fidelity has denied any wrongdoing but said it agreed to settle because of “the uncertainty and risks inherent in any litigation.”

“We remain fully committed to the security of our clients’ accounts and personal information,” the company told CNBC Select in a statement. “Litigation can involve a considerable amount of time and resources, [and] a settlement is one way to avoid this for both parties.”

Here’s what you need to know about Fidelity’s $2.5 million settlement, including who is eligible, how much you could receive, how to file a claim and what to do if you’re the victim of a data breach.

Who is eligible for the Fidelity data breach settlement?

Class members could number more than 160,000, including those notified of the breach and others whose bank account and routing numbers were allegedly exposed.

If you’re not sure whether you are a class member, you can go to the settlement website, email info@FidelityDataSettlement.com or call 833-386-6470.

You can also contact the settlement administrator at:

Fidelity Data Security Incident Settlement
c/o Settlement Administrator
P.O. Box 25226
Santa Ana, CA 
92799-9958

Offers in this section are from affiliate partners and selected based on a combination of engagement, product relevance, compensation, and consistent availability.

How much can you receive?

Eligible class action members may receive up to $5,000, depending on the nature of their losses.

  • Reimbursement of documented losses: You could receive up to $5,000 if you can document out-of-pocket losses incurred between Aug. 17, 2024, and July 27, 2026, resulting from the breach, including fraud and time spent restoring your identity.
  • Pro rata cash payment: Members of the class without proof or explanation may be eligible for payments of approximately $100, although the actual amount will depend on the number of class members and other legal costs
  • California Consumer Privacy Act (CCPA): California residents may be eligible for an additional $50 payment. 
  • Credit monitoring services: Class members can also claim two years of free credit monitoring from CyEx, including $1 million in fraud and identity theft insurance.

How do you file a claim?

To receive a payment from the settlement, you must submit a valid claim by July 27, 2026. You can file online here or download the claim form and mail it to the settlement administrator.  

The deadline to be excluded from the settlement was June 26, 2026.

Offers in this section are from affiliate partners and selected based on a combination of engagement, product relevance, compensation, and consistent availability.

When will settlement payments be sent?

The settlement was approved in a final fairness hearing on July 9, 2026. If there are no appeals, attorneys’ fees and the lead plaintiffs will be paid first.

The remaining funds will then be distributed among other class members who have submitted valid forms.  

What should you do if your personal information was exposed?

In most cases, advice about identity theft is reactive:

  1. Place fraud alerts with Experian, Equifax and TransUnion.
  2. Review your bank and credit card statements for suspicious activity.
  3. Freeze your credit to prevent new accounts from being opened in your name.
  4. Report identity theft to the Federal Trade Commission and local law enforcement.
  5. Keep records of all communications and fraudulent transactions.
  6. At least once every six months, review your credit reports for signs of suspicious activity. 
  • Your credit card company or bank should provide updated credit score information for free.
  • You can get free copies of your reports from each of the three major bureaus at AnnualCreditReport.com.
  • You can get a free credit report from Experian every 30 days and CreditWise from Capital One provides free access to your TransUnion credit report. Equifax offers two free credit reports per year with myEquifax.
  • For regular updates on all three reports, consider subscribing to a paid identity theft protection service like PrivacyGuard® or Experian IdentityWorks℠

Learn More

  • $9.99 to $24.99 per month

  • Experian, Equifax and TransUnion

  • VantageScore

  • Yes, for Identity and Total Protection plans

  • Yes, up to $1 million for Identity and Total Protection plans

Terms apply.

Learn MoreOn Experian’s site

  • Basic: Free; Premium: 7-day trial, after $24.99 per month; Family: 7-day trial, after $34.99 per month

  • 1-bureau credit monitoring, alerts and reports: Experian, with Basic plan only and 3-bureau credit monitoring, alerts and reports: Experian, Equifax and TransUnion®, with Premium and Family plans only

  • FICO® Score 8, with all plans

  • Yes, with all plans

  • Yes, up to $1 million with all plans

Terms apply.

*Identity Theft Insurance underwritten by insurance company subsidiaries or affiliates of American International Group, Inc. (AIG). The description herein is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions.

How to prevent identity theft

There are some proactive measures you can take, though, like getting a password manager that can help keep your usernames, passwords and email addresses under lock and key. Services like Keeper and Dashlane add dark web monitoring and email masking.

Learn More

  • Keeper Free: $0; Keeper Unlimited: $3.58 per user per month; Keeper Family: $7.67 per month; Business plan: $2.00 to $6.00 per month

  • Allows importing from other password managers, adjusts auto-fill preferences for individual websites and allows for one-time password sharing

  • Yes

  • Available for web, desktop, and mobile devices.

  • Uses a zero-knowledge approach, government-standard AES-256 encryption, supports multi-factor authentication and biometrics, and performs quarterly third-party security penetration testing

Terms apply

Pros

  • Helps you securely share passwords and files
  • Offers unlimited password storage
  • Supports fingerprint and Face ID login
  • Password strength report

Cons

  • Free version is limited to one mobile device
  • Less Intuitive Interface
  • Dark web monitoring and file storage only available on paid plans

Learn MoreView MoreLearn More

  • Premium: $5.42 per month, includes VPN; Friends & family: $8.13 per month; Business plan: $8.00 per month; All prices are per month with annual billing selected

  • The premium plan provides access to VPN, password health checker, dark web monitoring and allows you to securely store sensitive documents.

  • Yes

  • Available for web and mobile devices.

  • Uses a zero-knowledge approach, government-standard AES-256 encryption, multi-factor authentication, support for biometrics and has passed third-party security audits.

Terms apply

Pros

  • Includes VPN in subscription
  • MFA support
  • Dark web monitoring
  • Offers file storage
  • Real-time scam protection

Cons

  • Free version is limited to one device and 25 stored logins
  • More expensive than some other competitors
  • Lacks desktop app

Learn MoreView More

Even if you’re not the victim of an attack, freezing your credit reports prevents anyone from opening a new account in your name. There is no harm to your credit score or existing accounts, and you can unfreeze your accounts whenever you want to apply for a credit card or loan.

Identity monitoring service Aura will freeze your credit without requiring you to contact the credit bureaus. It also offers a range of other security features, including a password generator, email aliases, a VPN, robocall filters and malware protection. 

Learn MoreOn Aura’s site

  • Kids: $13 per month or $10 per month billed annually; Individual: $15 per month or $12 per month billed annually; Couple: $29 per month or $22 per month billed annually; Family: $50 per month or $32 per month billed annually

  • Protects against identity theft, fraud, spam calls and websites, viruses and malware. Offers three credit bureau monitoring, VPN, dark web monitoring, password manager, email aliases and instant credit lock.

  • All plans include at least $1 million and white-glove fraud remediation

Terms apply.

Pros

  • 14-day free trial
  • Family plan includes up to 5 adults and an unlimited number of kids
  • Discount if you buy an annual plan
  • Up to $1 million to cover losses or expenses related to identity theft

Cons

  • Doesn’t monitor social media accounts
  • Annual plans can only be canceled in the first 60 days for a money-back guarantee

Learn MoreView More

Can I file a claim in the Fidelity data breach settlement if I wasn’t notified?

Yes, anyone in the U.S. whose bank account number and routing number were exposed in the breach is considered a class member, even if they weren’t notified by Fidelity. In all, more than 160,000 people may also be eligible for the settlement.

If you’re not sure whether you are a class member, you can visit the settlement website, email info@FidelityDataSettlement.com, or call 833-386-6470.

What happens if I miss the deadline to file?

Unless you opted out, you are still automatically part of the settlement. But if you do not file a claim by July 27, 2026, you will not receive benefits or payments and you will give up the right to be part of another lawsuit related to the legal claims in this case.

Do I need proof of identity theft to file a claim?

Proof of losses stemming from the breach is not required to file a claim in the Fidelity case. Class members who cannot document losses may receive approximately $100 in cash payments, depending on the number of claims filed. California residents may be able to claim an additional $50 under the California Consumer Privacy Act.

If you can prove that you suffered financial losses directly linked to the breach, you could be eligible for a payment of up to $5,000.

The CNBC Select Recommends newsletter delivers practical money tips each week along with expert-picked financial product recommendations. Sign up here.

Why trust CNBC Select?

At CNBC Select, our mission is to provide our readers with high-quality service journalism and comprehensive consumer advice so they can make informed financial decisions. Every cybersecurity article is based on rigorous reporting by our team of expert writers and editors. While CNBC Select earns a commission from affiliate partners on many offers and links, we create all our content without input from our commercial team or any outside third parties, and we pride ourselves on our journalistic standards and ethics.

Catch up on CNBC Select’s in-depth coverage of credit cardsbanking and money, and follow us on TikTokFacebookInstagram and Twitter to stay up to date.

Editorial Note: Opinions, analyses, reviews or recommendations expressed in this article are those of the Select editorial staff’s alone, and have not been reviewed, approved or otherwise endorsed by any third party.

About The Author

Leave a Reply

Your email address will not be published. Required fields are marked *

About the Author

Easy WordPress Websites Builder: Versatile Demos for Blogs, News, eCommerce and More – One-Click Import, No Coding! 1000+ Ready-made Templates for Stunning Newspaper, Magazine, Blog, and Publishing Websites.

BlockSpare — News, Magazine and Blog Addons for (Gutenberg) Block Editor

Search the Archives

Access over the years of investigative journalism and breaking reports