By Shawn Henry 
Nissan North America has agreed to pay $1.5 million to resolve a class action lawsuit stemming from a 2023 data breach that exposed sensitive personal information belonging to employees. The settlement, which received preliminary approval from a federal court on January 22, 2026, aims to compensate individuals whose private data may have been compromised during the cybersecurity incident that began in early November 2023. The agreement covers all people who received official notice from Nissan informing them their information may have been affected.
The breach triggered legal action after employees alleged the company failed to adequately safeguard sensitive information stored within its internal systems. According to court filings, the data potentially exposed during the incident included names, Social Security numbers, dates of birth, employee identification numbers, pay details, and certain medical information. Plaintiffs argued that insufficient cybersecurity protections allowed unauthorized access to data that should have been secured against intrusion.
The class action lawsuit claimed Nissan did not implement reasonable safeguards to protect employee records, ultimately leaving personal information vulnerable when the breach began around November 7, 2023. The company did not admit wrongdoing as part of the settlement, but agreed to establish the financial fund to resolve the claims and avoid continued litigation. The court must still grant final approval before compensation is distributed.
Individuals who received notice that their information may have been exposed are considered members of the settlement class and may file claims to receive reimbursement. Eligible claimants have several compensation options depending on whether they can document financial losses linked to the data breach. Those who provide supporting documentation showing out-of-pocket expenses related to the incident can qualify for higher payments under the settlement terms.
Under the agreement, class members who submit proof of documented losses can apply for what the settlement defines as “Cash Payment A.” This option allows reimbursement of up to $450 for ordinary expenses connected to the breach. In cases involving more severe consequences tied to identity theft or misuse of personal data, claimants may be eligible to receive up to $4,500 for extraordinary losses if they provide appropriate documentation.
The settlement defines ordinary losses as expenses such as bank fees, postage costs, travel expenses, notary fees, and charges associated with credit repair services. It also includes the cost of obtaining credit reports or purchasing credit monitoring and identity protection services after the breach occurred. These reimbursements are intended to compensate employees who spent money protecting themselves after learning their personal information may have been compromised.
Extraordinary losses involve more serious financial consequences tied directly to identity theft or misuse of personal data. These claims must include third-party proof demonstrating that the affected individual experienced actual monetary damage resulting from unauthorized use of their personal information. The settlement requires that such losses must not have already been reimbursed through other sources in order to qualify for payment.
For individuals who cannot document financial harm, the agreement also provides an alternative option. Class members may instead choose “Cash Payment B,” which allows them to receive up to $100 without providing evidence of specific expenses tied to the breach. That amount may be reduced depending on how many valid claims are filed, since the total payout must remain within the overall settlement fund.
Claimants can elect to receive any approved payment either by physical check or through an electronic transfer. Settlement checks must be cashed within 60 days after they are issued, otherwise they will expire and become void. The settlement administrator will process payments only after the court grants final approval and any appeals are resolved.
In addition to direct financial compensation, the settlement also includes credit monitoring services for affected individuals. All class members may request two years of free credit monitoring provided through Experian. The program includes identity theft monitoring and insurance coverage designed to help individuals respond if their information is misused in the future.
The credit monitoring benefit is available even to individuals who already enrolled in monitoring services after the original breach notice was issued. Those who file a valid claim will receive an enrollment code that allows them to activate the service. The benefit is intended to help employees track suspicious financial activity that could result from exposure of their personal data.
Eligible class members must submit claim forms in order to receive any benefits under the settlement. Claims can be filed online through the official settlement website or submitted by mail using a downloadable form. Individuals filing online must enter a class member identification number that was included in their breach notification letter.
The deadline to submit a claim is May 26, 2026. Anyone who misses the deadline will not be eligible to receive financial compensation or credit monitoring through the settlement. The court has scheduled a final approval hearing for June 1, 2026, where a judge will review the agreement before deciding whether the settlement can move forward.
Only after that approval process is completed will payments begin to be distributed to eligible claimants. If appeals are filed, the timeline for payments could extend further while the legal process concludes. Until then, the settlement remains subject to final judicial review.
Since the 2023 breach, Nissan has implemented several cybersecurity measures intended to strengthen the company’s internal defenses. According to the settlement agreement, those changes include stricter firewall policies, enhanced monitoring systems, stronger VPN login protections, expanded response detection capabilities, and increased security training for employees.
The company has also extended security operations support and implemented additional network monitoring tools designed to identify suspicious activity more quickly. These changes were introduced after the breach was discovered as part of efforts to improve internal safeguards and prevent future unauthorized access to sensitive data.
The case now moves toward final review by the court, which will determine whether the settlement terms are fair to the affected employees. If approved, the agreement will bring the legal dispute to a close while providing financial compensation and monitoring services to individuals whose personal information may have been exposed during the 2023 breach.
Source
Related posts:
Texas Police Chase Ends in Crash After Dodge Challenger Hood Flies Open
Deputies Search for Suspect After Dodge Challenger Stolen from Darlington County Dealership
Texas Man Sentenced to Four Years for Allegedly Stealing Corvettes from Boerne Dealerships
Lexus Confirms Successor to the LFA Will Debut December 5
Eve Nowell