Fidelity Investments has agreed to pay $2.5 million to resolve claims that it failed to prevent a 2024 data breach that exposed customers’ financial account numbers and routing numbers. The proposed Fidelity data breach settlement covers people who got notice that their information was compromised between Aug. 17 and Aug. 19, 2024.

Under the deal, class members can seek up to $5,000 for documented monetary losses tied to the breach, including unreimbursed fraud or identity theft losses, professional fees and credit expenses. They can also receive a cash payment of about $100, depending on how many claims are filed, while California class members may get an extra $50.

The settlement also provides two years of identity theft protection and credit monitoring, with $1 million in fraud and identity theft insurance. A claim must be filed by July 27, 2026. Requests to exclude oneself from the settlement or to object are due June 26, 2026, and a final approval hearing is scheduled for July 9, 2026.

The case, In re: Fidelity Investments Data Breach Litigation, Case No. 1:24-cv-12601-LTS, is pending in U.S. District Court in Massachusetts. Fidelity, which offers investment services, retirement accounts and other financial services, has not admitted wrongdoing. The plaintiffs say the breach could have been prevented if the company had taken reasonable cybersecurity precautions.

People seeking reimbursement for documented losses will need receipts, bills or other records that were not self-prepared. That detail matters because the broad cash payout may be modest, but the claims process is aimed at separating actual out-of-pocket harm from the rest of the class, and the court will decide whether the settlement is fair at next year’s hearing.