img

India’s second-largest IT services company, Infosys, has agreed to pay $17.5 million to settle a class-action lawsuit filed against its US-based subsidiary, Infosys McCamish Systems, following a cybersecurity breach in 2023.

The settlement, announced on Friday, remains subject to court approval but, if finalized, will resolve all claims without Infosys admitting liability.

The 2023 Cybersecurity Breach: What Happened?

Timeframe: October – November 2023
Company Affected: Infosys McCamish Systems (acquired in 2009)
Industry Impacted: Life insurance and retirement software solutions

What Went Wrong?


A data breach led to the non-availability of key systems and applications, disrupting business operations and exposing sensitive customer data.

Impact on Bank of America (BofA) Customers


The breach compromised the personal information of 57,000 BofA customers, including:
Names & addresses
Social Security numbers
Account details from BofA’s deferred compensation plan

Financial & Legal Fallout

Infosys incurred an estimated $38 million in costs related to:
System remediation & restoration
Notifying affected customers
Legal & investigative processes

The class-action lawsuit was filed over data security concerns, leading Infosys to propose a $17.5 million settlement.

What’s Next?


The settlement still requires:
Review & confirmation by plaintiffs
Finalization of settlement terms
Preliminary & final court approval

If approved, the settlement will close the legal dispute, allowing Infosys to shift its focus to enhancing cybersecurity.

Future of Cybersecurity in IT Services

The Infosys McCamish breach underscores the rising cybersecurity threats in the IT services sector, particularly for companies handling financial and personal data.

Key Takeaways for IT Firms:


Stronger data protection frameworks are now essential.
Global regulatory scrutiny on cybersecurity is increasing.
Investments in cybersecurity infrastructure are critical to preventing breaches and legal risks.

As cyberattacks become more frequent and costly, IT giants like Infosys must ensure robust security measures to safeguard client trust and business continuity.

Infosys cybersecurity breach 2023 Infosys $17.5M lawsuit settlement Infosys data breach legal case IT security failures in big tech Infosys hacking incident 2023 Cybersecurity threats in IT companies Infosys customer data exposure Infosys legal settlement details IT sector security risks and lawsuits Infosys financial impact of data breach Infosys reputation after cybersecurity breach Infosys compliance and data protection Major data breaches in tech industry Infosys stock market reaction Infosys corporate cybersecurity policies IT security best practices for companies How Infosys handled its data breach Cybercrime and corporate lawsuits Infosys lawsuit implications for IT firms Data privacy concerns in tech companies Infosys cyber attack investigation Tech companies facing cybersecurity lawsuits Infosys and global cybersecurity regulations Infosys crisis management strategy