Proposed Settlement Reached in GameStop Data Breach

Elizabeth DiNardo, Esq. | Associate Counsel


A proposed settlement has been submitted to Delaware federal court judge John E. Jones III for preliminary approval in the GameStop data breach class action.

The suit was originally filed in September 2017 by named plaintiffs Crystal Bray and Samuel Cook. Bray and Cook allege that class members had their personal and non-public information—including names, addresses and credit/ debit card numbers and expiration dates—compromised during a massive cyber data breach that the defendant company experienced between August 10, 2016 and February 9, 2017.

GameStop is accused of failing to implement adequate safety measures to protect online customers’ personal information. Despite the breach occurring between August 2016 and February 2017, affected online customers were not notified until June 2, 2017. Plaintiffs further argue that the defendant failed to provide any meaningful assistance to victims of the breach, such as fraud insurance or credit monitoring.

According to court documents, the settlement will include roughly 1.3 million class members whose personal information was compromised during the breach when making or attempting to make an online GameStop purchase between August 2016 and February 2017. Class members could be eligible for a reimbursement of $15 per hour, for a maximum of three hours, for the time they spent trying to mitigate the damage done by the breach. Additionally, plaintiffs can receive $22 per stolen card with documentation and $120 for fraud protection services. The total dollar amount of the settlement has not yet been made public.

The case is: Crystal Bray et al. v. GameStop Corp., Case No.:1:17-cv-01365, in the U.S. District Court for the District of Delaware.


Counsel Financial provides working capital credit lines exclusively for the plaintiffs' bar in all states except California, where credit lines are issued by California Attorney Lending