A cyberattack exposed the personal information of approximately 36 million Xfinity customers in October 2023. Now, Comcast has settled a class-action lawsuit related to the hack, agreeing to pay $117.5 million to people affected by the breach. The settlement is open for claims, and if you’re a current or former customer who received a breach notification from Comcast in December 2023, you may be eligible for a flat cash payment of around $50, or up to $10,000 if you can document losses tied to the breach.
The deadline to file was initially Aug. 14, but it has since been extended to Sept. 14, 2026. Members of the settlement class who neglect to file a claim or dispute the settlement by the new September date will lose their right to take independent legal action against Comcast regarding this cybersecurity incident.
When Comcast notified users of the breach (PDF) in December 2023, the company admitted data thieves stole usernames, passwords, names, contact information, dates of birth and the last four digits of Social Security numbers.
In a class action lawsuit, Hasson v. Comcast Cable Communications LLC (PDF), customers alleged that Comcast was responsible for financial damages and for the time spent pursuing identity theft protection related to the breach. While Comcast denied any wrongdoing, it reached a preliminary settlement in January 2026, agreeing to pay $117.5 million to 36 million affected customers.
The official settlement website is now live, although payments won’t begin until after the court’s final approval hearing. That hearing is currently scheduled for Aug. 5.
If you qualify for a settlement payout, you can file on the website now. You need a unique settlement member ID number included within the initial online communication sent to affected Comcast customers to file the claim.
Read more: The $135M Google Data Settlement Site Is Live. See if You’re Eligible
You have multiple options if you don’t want to file a claim. If you object to the agreed-upon settlement, you can write to the court or ask permission to speak at the final approval hearing.
You can also opt out of the settlement, which will allow you to retain your right to separately sue Comcast in relation to this data breach. If you don’t file a claim by Sept. 14 or opt out of the settlement by July 1, you will lose out on payment from this settlement and lose the right to pursue further legal action. If you fill out a physical claim form, it will remain valid so long as it is postmarked by the filing deadline.
As part of the settlement, Comcast must pay for and provide identity defense services to any affected member of the class action suit. Unlike the settlement payouts, affected customers who do not file a claim will also be able to apply for the identity defense services. Anyone who opts out of the settlement will not be eligible for those services.
Representatives for Comcast and the law firm Lynch Carpenter LLP, which served as lead counsel for the plaintiffs, did not immediately respond to a request for comment.
Who can be part of the Comcast settlement?
Not every Comcast customer is automatically eligible to claim part of the settlement payout — the money is reserved for people whose personal information was accessed during the 2023 data breach.
In order to join, you must meet these three qualifications:
- Be a living individual human being in the US or its territories.
- Used Comcast services during the October 2023 data breach.
- Received a notification of being affected by the Comcast data breach.
While the court is scheduled to hold a final approval meeting on Aug. 5, those affected can file a claim on the official settlement website until Sept. 14. The approval meeting’s time and date have changed once already, and are subject to change again. Any updates will be posted on the website.
While some class action suit settlements pay out a lump sum to affected customers who don’t file a claim, that is not the case for Hasson v. Comcast Cable Communications LLC. You must file a claim and provide a payment method by the deadline to be compensated as part of the settlement.
How much will the Comcast settlement pay?
The amount of money each claimant will receive will be proportional to the out-of-pocket losses or lost time you can prove you incurred as a result of the data breach.
The total payment for each claimant is capped at $10,000 and is affected by the total pool of settlement money and the number of affected customers who file a claim.
If you don’t want to go through the process of proving out-of-pocket losses or lost time are connected to the data breach, you can instead choose to accept an alternative cash payment of $50. The alternative cash payment is subject to change depending on the total number of claimants.
A third of the settlement money ($39.2 million) is earmarked to pay attorneys’ fees, subject to court approval. After this amount is paid out, the remaining settlement money will be divided among the settlement members who submitted the claim form before the deadline.
Whether you’re claiming restitution for out-of-pocket losses, lost time or accepting the alternative cash payment, you must file by Sept. 14. Payments will be distributed after the final approval hearing, assuming there are no appeals.
Stephan is the sports journalist for the Maple Grove Report.
