Cyber Security News

Infosys to Pay $17.5M in Settlement for 2023 Data Breach

Infosys, a leading IT services company, has announced that it has reached an agreement in principle to settle a series of class action lawsuits related to a data breach incident involving its subsidiary, Infosys McCamish Systems LLC.

The proposed settlement involves a payment of $17.5 million to resolve all allegations without admitting liability.

Background of the Incident

The data breach occurred in 2023, prompting the filing of six class action lawsuits in the United States against Infosys McCamish Systems LLC and some of its customers.

These lawsuits were initiated by plaintiffs who claimed that the breach led to significant losses and vulnerabilities in the handling of sensitive data.

In a statement dated March 14, 2025, Infosys revealed that the settlement agreement was reached during mediation on March 13, 2025.

Under the terms of this agreement, Infosys McCamish will contribute $17.5 million into a fund to settle all pending lawsuits.

The settlement still requires finalization of its terms, confirmation by the plaintiffs, and both preliminary and final court approval.

This settlement marks a significant step towards resolving the legal challenges faced by Infosys following the cyber incident.

By settling without admitting any liability, Infosys aims to move forward without the uncertainties associated with prolonged legal processes.

Quotes from Officials

While specific quotes from Infosys officials are not available in the latest update, the company’s commitment to transparency is evident from its regular communications regarding the case.

“This is for your information and records,” states A.G.S. Manikantha, Company Secretary of Infosys Limited. The settlement agreement will be hosted on the company’s website, indicating a commitment to keeping stakeholders informed.

The resolution of these lawsuits will likely enhance the company’s reputation for handling cybersecurity incidents effectively, even though it does not admit liability.

It demonstrates Infosys’s proactive approach to addressing legal disputes and underscores its focus on maintaining trust with clients and stakeholders.

The settlement aligns with industry trends where companies increasingly opt for early settlement rather than risking protracted legal battles.

This approach can help mitigate long-term reputational damage and financial uncertainty associated with ongoing litigation.

Infosys’s decision to settle the class action lawsuits for $17.5 million reflects its commitment to resolving disputes and ensuring continuity in its operations.

As the settlement progresses through the necessary approvals, Infosys will likely continue to emphasize its commitment to improving cybersecurity measures to prevent similar incidents in the future.

This settlement marks a crucial step in the aftermath of the 2023 data breach, showcasing Infosys’s strategic approach to managing legal and reputational risks in the complex landscape of technology and cybersecurity.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…

5 hours ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution…

5 hours ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…

6 hours ago

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…

6 hours ago

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

9 hours ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

10 hours ago