We have previously reported on SPG Law, a former UK law firm (now PGMBM), representing British Airways customers who were affected by the 2018 data leak. A settlement has been reached.British Airways disclosed in September 2018 that its security systems had been breached, resulting in over 420,000 employees and customers having their personal information leaked.Names, addresses, credit card numbers, email addresses and debit and credit card numbers were all compromised.British Airways was also fined 20 million by the Information Commissioners Office for their negligence in the leak. Although the initial proposal from the ICO was a staggering 183 million, Covid-19 allowed British Airways to negotiate a lower fine.John wrote the last time John posted about the class action right before the deadline.Yesterday, PGMBM notified clients who signed up for the class action that they had reached a settlement agreement with BA. They asked them to review and accept the settlement.Here is the press release from PGMBMs regarding the settlement.PGMBM, the court-appointed lead solicitors is happy to announce that British Airways litigation has been settled on confidential terms. The largest group litigation in the UK relating to personal data has been resolved by British Airways Plc and legal representatives of claimants. Harris Pogust (PGMBM Chairman) said that they were pleased to reach a settlement on the matter following constructive mediation with British Airways. This is a very positive and timely resolution for all those affected by this data incident. PGMBM Chairman Harris Pogust said: We are very pleased to have reached a resolution on this matter after constructive mediation with British Airways. Although the resolution provides for compensation to qualifying claimants involved in the litigation, it does not admit liability to British Airways Plc. Harris stated that the Information Commissioners Office explained how BA failed to take sufficient measures to protect its passengers' personal and financial data. This did not offer any relief to the affected. That is now addressed by the settlement.The law firm claimed that claimants could get up to 2000 per case, but it is highly unlikely that reimbursement will exceed that amount. Firms will often throw around large numbers to encourage people to sign up, but the final amount is usually in the double- or triple digits.Some privacy cases do not require a cash payment. Instead, the companies may negotiate a 5-year membership with a credit monitoring or privacy protection service.I have reviewed the email that was sent to class members. It is confidential, so it cannot be reproduced here. However, it appears that there would be a cash payment this time (no amount specified).Also:British Airways pays without admitting any liabilityPGMBM will inform each claimant about the compensation they are entitled toEach claimant will be notified individually about the amount and terms of any settlement.A good portion of the settlement amount will go to the law firm that represented this claim. I'm totally okay with this because British Airways was extremely arrogant in this case. It wasn't the first or last occasion that BA's IT structure had been compromised, causing serious inconvenience and data breaches. These companies will be more vigilant in the future if they are subject to stiff fines.The settlement is up to the claimants whether they accept it or not. If you decide to reject the settlement, you can still sue BA for damages. It all depends on the individual.ConclusionAlthough I doubt that any class members would receive 2,000 GBP compensation for their losses, I believe it is time to remind these companies that they cannot let their front doors remain open like BA did here. We were able to have all our data stolen without any consequences.John used an American Express card from his American Express to pay for BA flight purchase in the early 2020s. When you're on the road, it can be a hassle to handle fraudulent charges or replace cards.