Subscribe To Our Newsletter
Subscribe To Our Newsletter
South Carolina-based law firm Riley, Pope & Laney, LLC (RPL) has agreed to a class action settlement to resolve allegations that it failed to safely secure sensitive data on its computer networks. The breach allowed malicious digital hackers to compromise highly private files belonging to thousands of individuals nationwide.
If you are a United States resident who received an official notice informing you that your personal data was wrapped up in this August 2024 data security incident, you may be eligible to submit a claim. The newly established settlement offers qualified class members a choice between a $60 baseline cash payment or up to $2,500 in reimbursement for documented fraud-related losses. Additionally, all participating consumers can claim two years of specialized credit and identity protection services.
The class action lawsuit stems from a targeted cyberattack that breached the information technology infrastructure of Riley, Pope & Laney in August 2024. According to court documents, digital thieves managed to infiltrate the law firm’s internal servers and gain unauthorized access to private data files. The firm handles a wide variety of legal operations, meaning it stored sensitive, personal identifiers for a large pool of clients, associates, and related parties.
The lawsuit, Jason Warren v. Riley, Pope & Laney, LLC, was brought in the Circuit Court of Richland County, South Carolina, after affected consumers discovered their data had been left exposed. The plaintiff alleged that the firm failed to deploy reasonable, up-to-date cybersecurity protocols and missed critical warning signs of network vulnerability. Riley, Pope & Laney strongly denies any legal liability or wrongdoing but chose to agree to the settlement terms to avoid the mounting costs, public distraction, and operational uncertainty of an extended courtroom trial.
When a law firm’s database is targeted by a cyberattack, the files accessed often contain information that can easily be weaponized by identity thieves. In this specific security incident, court filings confirmed that the compromised files contained highly personal identifying information. For the vast majority of the affected population, the exposed files included full names paired directly with Social Security numbers.
The combination of a person’s legal name and Social Security number provides bad actors with the master key needed to commit identity fraud. With this data, hackers can fraudulently open credit card accounts, apply for bank loans, file false tax returns, or manipulate public records. Because this specific type of data exposure causes long-term economic anxiety for everyday people, the resulting class action sought to force the firm to provide immediate financial and protective relief.
The South Carolina court has established clear rules regarding who can participate in this data breach settlement. You may be eligible to submit a claim as a class member if you are a resident of the United States whose private personal information was compromised during the August 2024 data security incident at Riley, Pope & Laney.
The most straightforward way to confirm your eligibility is to check your mail for an official, physical settlement notice sent by the independent administrator. Anyone who previously received a data breach notification letter directly from the law firm regarding the August 2024 hack is automatically included in the settlement class. If you believe your data was exposed but did not receive a paper notice, you can contact the settlement administrator to verify your status using your full name and current address.
The legal claims brought against Riley, Pope & Laney highlight the growing importance of data privacy laws that protect everyday people from corporate negligence. In the digital age, professional entities like law firms, financial groups, and medical centers hold a fiduciary duty to safeguard the private assets and personal data entrusted to them by the public.
Under established consumer protection frameworks and common law principles, organizations that collect Social Security numbers must maintain strict technical and administrative safeguards. The plaintiffs argued that the firm breached its implied contract and failed to meet baseline industry security standards, which ultimately allowed the data to leak. When corporate entities fall short of these expectations, class action settlements provide an avenue for affected citizens to don’t stand alone and collectively demand financial accountability.
The settlement provides flexible compensation pathways tailored to the specific level of harm an individual experienced. If the data breach caused you actual financial trouble, you can claim up to $2,500.00 in reimbursement for documented out-of-pocket losses. This tier covers financial impacts incurred between August 11, 2024, and August 17, 2026, including:
Unreimbursed bank fees or fraudulent charges.
Fees paid for professional credit reports or credit monitoring services.
Costs associated with freezing or unfreezing your credit files.
Fees for replacement government IDs, postage, or notary services.
Up to three hours of lost time spent addressing the breach, compensated at $30 per hour (up to $90 total).
If you did not suffer direct financial fraud but still want compensation for the violation of your privacy, you can choose the alternative cash payment option instead. This path provides a one-time flat payout estimated at $60.00, and it requires absolutely no receipts or proof of loss. The final amount of this flat payment may adjust slightly on a pro rata basis depending on the total number of valid claims filed.
Because data exposed on the dark web can be utilized by scammers years down the road, the settlement provides an essential layer of ongoing security. Every single class member—regardless of whether they choose the documented loss reimbursement or the flat cash payout—is eligible to enroll in two years of complimentary, single-bureau credit monitoring services.
This protective package includes real-time monitoring of your credit files, dark web scanning alerts, and comprehensive public records tracking. Additionally, the service comes backed by a $1 million identity theft insurance policy. If any fraudulent activity occurs on your accounts during the two-year coverage period, the plan gives you direct access to fraud resolution agents who will work to repair your credit and resolve the underlying issues at no cost to you.
While the final claim deadline is in late August, there are separate, earlier dates you must respect if you want to alter your legal status in this lawsuit. If you do not wish to participate in this settlement—perhaps because you intend to retain your right to sue Riley, Pope & Laney individually over this data breach—you must formally request to be excluded from the class.
The strict deadline to submit an opt-out exclusion request or to file a formal, written objection detailing why you disagree with the settlement terms is July 18, 2026. If you choose to take no action at all before these dates pass, you will remain legally bound by the settlement. This means you will give up your future right to sue the firm, but you will also miss out on the cash and credit monitoring benefits since you didn’t file a claim.
Data breaches involving legal institutions serve as a stark reminder that everyday people must remain vigilant about their digital footprints. When you take the time to submit a claim in a data privacy settlement, you do more than just collect a check—you actively participate in holding large corporations and professional firms accountable for their security choices.
Don’t stand alone against corporate entities that fail to protect your personal identity. If you received a notice regarding the Riley, Pope & Laney data breach, locate your Notice ID, visit the settlement portal, and claim your cash and credit security benefits before the deadlines expire.
New cases and investigations, settlement deadlines, and news straight to your inbox.
