Cable operator Comcast has agreed to a $33 million settlement with California authorities following a privacy breach that exposed the numbers, phone numbers, and addresses of 75,000 people between 2010 and 2012.
According to WRAL.com, the breach first occurred when a Comcast system upgrade failed to mark as private the information of thousands of customers who paid an additional $1.50 a month to protect their information from being published.
That data subsequently appeared online and in phone books after it was sold through a listings data licensing company. In 2013, Comcast decided to refund $2.5 million to the affected customers, thereby covering the period during which their information was made public.
Now some two years later, the cable operator has agreed to pay $25 million in penalties and investigative costs to the California Department of Justice and the California Public Utilities Commission. Comcast has also set aside $8 million to pay each customer affected by the breach $100.
“Publishing personal information that should have been unlisted is unlawful and a troubling breach of privacy,” Attorney General Kamala D. Harris said. “This settlement provides meaningful relief to victims, brings greater transparency to Comcast’s privacy practices and sends a message that violations of consumers’ privacy will result in significant penalties.”
Comcast, whose broadcasting services may have been temporarily affected by a Lizard Squad attack earlier this year, will as part of the settlement provide an additional $432,000 to law enforcement officers, judges, and domestic abuse victims who stated that they faced security concerns as a direct result of the leak, as well as some $518,000 in fees for unpublished numbers it collected from former customers.
The cable operator has released the following statement in response to the settlement:
“It has always been our goal to find a solution that works for all parties and for the customers who were impacted by this error,” said Jenny Gendron, a spokeswoman for Comcast, whose California operations are based in Livermore. “We value and work hard to protect our customers’ privacy, and we apologize to anyone who was impacted by this.”