This site cannot keep up with all the class action litigation settlements, but when we do report on one, we try to see what the settlement requirements in terms of improving infosecurity and cybersecurity. Here’s one with a requirement, as reported by The Athletic:
The San Francisco 49ers agreed to settle a class action lawsuit stemming from a February 2022 ransomware attack on the team’s data servers that exposed personal information of over 20,000 employees, officials and fans. The plaintiffs filed settlement papers Thursday in California federal court.
The proposed settlement, which covers 20,930 individuals, requires the team to create a new position — executive vice president of technology — to oversee IT operations, and hire a dedicated cyber-security IT professional.
The ransomware attack was previously reported in February 2022.