Infosys to Pay $17.5M in Settlement for 2023 Data Breach

Infosys, a leading IT services company, has announced that it has reached an agreement in principle to settle a series of class action lawsuits related to a data breach incident involving its subsidiary, Infosys McCamish Systems LLC.

The proposed settlement involves a payment of $17.5 million to resolve all allegations without admitting liability.

Background of the Incident

The data breach occurred in 2023, prompting the filing of six class action lawsuits in the United States against Infosys McCamish Systems LLC and some of its customers.

These lawsuits were initiated by plaintiffs who claimed that the breach led to significant losses and vulnerabilities in the handling of sensitive data.

In a statement dated March 14, 2025, Infosys revealed that the settlement agreement was reached during mediation on March 13, 2025.

Under the terms of this agreement, Infosys McCamish will contribute $17.5 million into a fund to settle all pending lawsuits.

The settlement still requires finalization of its terms, confirmation by the plaintiffs, and both preliminary and final court approval.

This settlement marks a significant step towards resolving the legal challenges faced by Infosys following the cyber incident.

By settling without admitting any liability, Infosys aims to move forward without the uncertainties associated with prolonged legal processes.

Quotes from Officials

While specific quotes from Infosys officials are not available in the latest update, the company’s commitment to transparency is evident from its regular communications regarding the case.

“This is for your information and records,” states A.G.S. Manikantha, Company Secretary of Infosys Limited. The settlement agreement will be hosted on the company’s website, indicating a commitment to keeping stakeholders informed.

The resolution of these lawsuits will likely enhance the company’s reputation for handling cybersecurity incidents effectively, even though it does not admit liability.

It demonstrates Infosys’s proactive approach to addressing legal disputes and underscores its focus on maintaining trust with clients and stakeholders.

The settlement aligns with industry trends where companies increasingly opt for early settlement rather than risking protracted legal battles.

This approach can help mitigate long-term reputational damage and financial uncertainty associated with ongoing litigation.

Infosys’s decision to settle the class action lawsuits for $17.5 million reflects its commitment to resolving disputes and ensuring continuity in its operations.

As the settlement progresses through the necessary approvals, Infosys will likely continue to emphasize its commitment to improving cybersecurity measures to prevent similar incidents in the future.

This settlement marks a crucial step in the aftermath of the 2023 data breach, showcasing Infosys’s strategic approach to managing legal and reputational risks in the complex landscape of technology and cybersecurity.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free