Chime Data Breach Lawsuit 2026: Team 313 Hack, Plaintiffs, Settlement & Claim Updates

A proposed class action lawsuit has been filed against Chime Financial, Inc., following a reported April 2026 cybersecurity incident that allegedly exposed sensitive customer information and disrupted customer-facing services. Three separate lawsuits — all filed in the U.S. District Court for the Northern District of California — allege that Chime failed to implement reasonable cybersecurity safeguards necessary to protect personal information stored within its systems.

The alleged attack has been attributed to Team 313, a pro-Iranian hacktivist group that claimed responsibility for crashing Chime’s internal servers on April 1, 2026. Plaintiffs claim that thousands of customers were left unable to access funds, view account balances, or use the Chime mobile app during the disruption. According to the lawsuits, sensitive personal data — including Social Security numbers, government-issued IDs, and financial credentials — may have been stolen during the incident.

Chime has denied that any customer data was compromised. The allegations remain unproven in court. No court has determined liability, and Chime has not been found responsible for any alleged wrongdoing.

Chime Data Breach Lawsuit Overview

What Happened During the April 2026 Chime Cyberattack?

On or around April 1, 2026, Chime Financial experienced a major service disruption that left thousands of customers locked out of their accounts. Users across the United States reported widespread issues with logging in, viewing account balances, sending money, and using the Chime mobile app. At its peak, the DownDetector page tracking Chime user reports recorded 6,647 problem reports — against a normal baseline of four.

Shortly after the outage began, Team 313 — a group that calls itself “The Islamic Cyber Resistance in Iraq” — publicly claimed responsibility. The group posted on its leak site that it had launched a massive cyberattack targeting Chime’s internal servers, crashing them and disabling both the application and website. The group claimed the attack lasted approximately one hour.

During the outage, Chime posted a statement on its status page telling customers that “the money in your account and your personal information are secure.” However, three class action lawsuits filed in the weeks that followed tell a different story — alleging that customer data was breached and that the disruption was far more serious than Chime publicly acknowledged.

Chime went public on Nasdaq in June 2025. As a publicly traded company, it is subject to the SEC’s 2023 cybersecurity disclosure rule, which requires companies to file a current report within four business days of determining that a cybersecurity incident is material. As of May 4, 2026, Chime had not filed any such disclosure with the SEC — meaning either the company determined the incident was not material, or it was still evaluating the situation.

Who Is Team 313? The Threat Actor Behind the Alleged Attack

Understanding who allegedly attacked Chime is essential to understanding the lawsuit. Team 313 is a pro-Iranian hacktivist group that multiple cybersecurity firms track under different names:

A March 2026 threat advisory published by cybersecurity firm Hawkeye — cited in all three Chime lawsuits — describes the group as linked to Iran’s Ministry of Intelligence and Security. The advisory characterizes the group’s strategy as one built primarily for influence operations rather than traditional cybercrime or espionage.

Critically, the Hawkeye advisory notes that Team 313’s primary attack method is distributed denial-of-service (DDoS) — flooding a target’s servers with traffic to take them offline — rather than data exfiltration. The advisory also warns that Team 313 is “known to exaggerate or fabricate breach claims.”

This detail matters significantly for the lawsuits. None of the three complaints filed against Chime has produced independent evidence that data was actually stolen — they rely on Team 313’s own public claims and publicly available news reporting. Chime has maintained that no customer data is left in its systems.

Why Plaintiffs Say the Breach Could Have Been Prevented

A central allegation across all three lawsuits is that Chime failed to implement and maintain reasonable cybersecurity measures — and that stronger protections could have prevented the incident or significantly reduced its impact.

According to the complaints, Chime allegedly should have:

• Implemented multifactor authentication to verify access credentials
• Encrypted sensitive customer data at rest and in transit
• Enhanced threat detection and real-time monitoring systems
• Improved access management and network segmentation procedures
• Adopted industry-recognized cybersecurity frameworks
• Maintained an adequate incident response plan
• Trained employees on cybersecurity protocols

The complaints frame the incident not merely as criminal activity but as a foreseeable consequence of alleged deficiencies in Chime’s security posture. These allegations have not been proven in court.

What Information Was Allegedly Exposed?

According to the class action complaints, the April 2026 incident may have resulted in unauthorized access to the following categories of customer information:

• Full names
• Social Security numbers
• Dates of birth
• Government-issued identification documents
• Postal addresses
• Email addresses
• Phone numbers
• Account credentials
• Other personal identifiable information (PII) maintained by Chime

The exact scope of any data exposure remains subject to ongoing litigation. Chime has stated that no customer data was compromised. The precise categories of information that may have been affected could vary among individual customers.

The Four Plaintiffs: What Each Customer Claims

Three lawsuits were filed, representing four customers with distinct experiences during the April 1 outage:

Cindy Castaneda and Lauren Goodloe (Filed April 3, 2026)

The first complaint — Case No. 3:26-cv-02924 — was filed by law firm Strauss Borrelli PLLC just two days after the outage. Castaneda, a Chime customer from Madera, California, alleged anxiety and disrupted sleep as a result of the incident. Goodloe, a Chicago-based customer, alleged she was unable to see her account balance and feared her rent payment would be late as a result of the outage.

Melissa Porter (Filed April 7, 2026)

Porter’s complaint alleged that the breach was a direct result of Chime’s failure to implement adequate cybersecurity procedures. She described no specific financial injury but cited fear, anxiety, and the time she spent monitoring her accounts after the incident.

Michael Walsh (Filed April 17, 2026)

Walsh’s complaint represents perhaps the strongest individual claim. He alleged that following the April 1 incident, he received a bank alert about an attempted unauthorized credit card charge and a separate notification that his personal information had appeared on the dark web. These specific, documented harms give his claims more grounding than the other complaints.

What Laws Apply to the Chime Data Breach Lawsuit?

The lawsuits invoke a combination of federal and California state laws:

California Consumer Privacy Act (CCPA) The CCPA gives California residents the right to know when their personal information has been compromised. It also imposes obligations on companies to notify affected individuals in the event of a breach. Failure to provide timely notification can itself form the basis of a legal claim. The complaints allege that as of their respective filing dates, Chime had not formally notified affected customers.

California Unfair Competition Law (UCL) The UCL prohibits businesses from engaging in unlawful, unfair, or fraudulent business practices. The complaints allege that Chime’s failure to maintain adequate cybersecurity constitutes an unfair business practice under this statute.

Federal Trade Commission Act (FTC Act) The FTC Act requires companies to maintain reasonable data security practices. The FTC has issued guidelines establishing expectations for how financial service providers should handle consumer data. The lawsuits cite these standards as the baseline Chime allegedly failed to meet.

California Breach Notification Law California law requires businesses to notify affected residents when certain categories of personal information — including Social Security numbers and government IDs — are subject to unauthorized access. The timeline and manner of that notification are legally significant in this case.

Chime’s Official Response

Chime has disputed the core allegations in all three lawsuits. A company spokesperson issued the following statement:

“We identified and quickly resolved a brief disruption affecting only our marketing website, Chime.com, with no impact to member information. Around the same time, a separate, unrelated internal issue temporarily affected our app. In both cases, no funds or member data were compromised. Protecting our members’ information is our top priority, and we maintain a robust, industry-leading security program to safeguard their data.”

The company believes the claims are without merit. Chime has not filed a material cybersecurity incident disclosure with the SEC as of the latest available court records, which may support its position that the incident was not a qualifying breach under federal disclosure standards.

Can I Join the Chime Data Breach Lawsuit?

The proposed class seeks to represent all United States residents whose personally identifiable information was compromised in the April 2026 Chime data breach. At this stage, no class has been certified by the court, and there is currently no settlement administrator or claim submission process.

Individuals who believe they may have been affected should:

• Preserve any breach notifications or account communications received from Chime
• Save screenshots of any suspicious activity, dark web alerts, or unauthorized charge notices
• Document any time spent monitoring accounts or addressing potential fraud
• Monitor court developments through official court records
• Follow official settlement announcements if one is reached

Eligibility for any future recovery will depend on court rulings, class definitions, settlement terms, and individual circumstances.

What Compensation Could Be Available?

No compensation has been approved because the litigation remains ongoing. However, data breach settlements in comparable cases have included:

• Reimbursement for documented out-of-pocket losses tied to the breach
• Credit monitoring and identity theft protection services
• Cash payments to qualifying class members
• Compensation for time spent addressing fraud
• Injunctive relief requiring Chime to strengthen its cybersecurity practices

Any potential recovery in this case would depend entirely on future court decisions or settlement negotiations between the parties.
Similar data breach settlements, such as the AT&T Class Action Lawsuit, have resulted in credit monitoring, cash payments, and identity protection services for affected customers.

What Should Affected Chime Customers Do Right Now?

Regardless of how the litigation resolves, customers who used Chime around or before April 2026 should consider taking these protective steps immediately:

1. Place a credit freeze with all three major bureaus (Equifax, Experian, TransUnion) — it is free and prevents new accounts from being opened in your name
2. Enable multifactor authentication on your Chime account and any linked email addresses
3. Change your Chime password and any passwords shared with other accounts
4. Set up fraud alerts with your bank and credit card issuers
5. Monitor your credit reports at AnnualCreditReport.com — you are entitled to free weekly reports
6. Watch for phishing attempts— attackers often use stolen data to craft convincing scam emails and texts
7. Save any suspicious notifications— dark web alerts, unauthorized charge notices, or unfamiliar login attempts are important evidence
8. Report suspected identity theft to the FTC at IdentityTheft.gov

Current Status of the Chime Data Breach Lawsuit

All three Chime data breach lawsuits remain active and pending in the U.S. District Court for the Northern District of California. The parties are expected to proceed through several stages of litigation:

• Initial pleadings and motions— Chime is expected to challenge the sufficiency of the complaints, likely arguing plaintiffs lack independent evidence of a data breach
• Discovery— Internal security records, incident response documentation, and communications related to the April 1 event may become relevant
• Class certification— Courts will evaluate whether the four plaintiffs adequately represent the proposed class
• Expert analysis— Cybersecurity experts may be retained by both sides to assess whether a breach occurred and what data may have been affected
• Settlement discussions or trial— If class certification is granted, settlement pressure typically increases

No final judgment has been entered. No court has found Chime liable.

Chime Data Breach Lawsuit Timeline

Is There a Chime Data Breach Settlement?

No. As of the latest available court records, no settlement has been announced or approved in connection with any of the three Chime data breach lawsuits.

Consumers should be cautious of any websites claiming that settlement payments are currently available. Court-approved settlements are accompanied by official notices, administrator websites, and formal claim procedures. No such process currently exists for this litigation.

Sources and Litigation Information

This article is based on publicly available court filings, litigation records, official company statements, and reporting from American Banker, Banking Dive, ClassAction.org, and Top Class Actions. The primary case referenced is Castaneda et al. v. Chime Financial, Inc., Case No. 3:26-cv-02924, U.S. District Court for the Northern District of California. Because the case remains pending, facts, allegations, and procedural developments may change as litigation progresses.

For updates on related cases, visit our Data Breach lawsuits section.

FAQs

Is there a lawsuit against Chime Bank?

Yes. Three proposed class action lawsuits have been filed against Chime Financial, Inc. in the U.S. District Court for the Northern District of California. All three relate to an alleged April 2026 cybersecurity incident. The cases remain pending, and no court has found Chime liable.

How to get money from a Chime settlement?

There is currently no open claim process for the 2026 data breach lawsuit. There is no settlement, no claims process, and no money available at this time. The lawsuit is pending in federal court in San Francisco. If a settlement is reached in the future, eligible customers will receive official notice with instructions on how to file a claim.

Did Chime confirm the data breach?

No. Chime has denied that any customer data was compromised. The company stated that the April 1 disruption affected only its marketing website and that a separate, unrelated internal issue temporarily affected the app. Chime maintains that no funds or member data were compromised in either event.

Who is Team 313?

Team 313 is a pro-Iranian hacktivist group — also tracked by cybersecurity firms as Void Manticore (Check Point), Storm-0842 (Microsoft), and BANISHED KITTEN (CrowdStrike) — that claimed responsibility for the April 1 attack on Chime. The group is primarily known for DDoS attacks and is described by security researchers as known to exaggerate or fabricate breach claims.

Is Chime still safe to use?

Customers can review Chime’s security information to learn more about account protection features. Customers concerned about security should use strong passwords, enable multi-factor authentication, and monitor account activity regularly.

Was Chime customer data actually stolen?

This is disputed. Team 313 claimed to have stolen Social Security numbers, IDs, and other personal data. Chime denied that any data had left its systems. None of the three lawsuits has produced independent evidence of data theft beyond Team 313’s own public claims. The Walsh plaintiff received a dark web alert and an unauthorized charge notice, which represents the most concrete reported harm so far.

Why are they closing Chime accounts?

Account closures are generally unrelated to the data breach lawsuit. Chime may close accounts due to suspected fraud, identity verification failures, compliance requirements, or violations of account terms. If your account was closed, contact Chime support directly for the specific reason.

How much is the Chime settlement?

It depends on which Chime case you mean. The CFPB settlement required Chime to pay at least $1.3 million in redress to consumers and $3.25 million in penalties. For the 2026 data breach class action, no settlement has been reached, so there are no confirmed payout figures.

How do I get $500 from Chime?

There is no $500 payment available from Chime at this time. The $500 figure comes from a separate Washington state text message lawsuit, which has not been settled. The only completed Chime-related resolution was a 2024 CFPB consent order that provided automatic payments of at least $150 to certain customers whose account balance refunds were improperly delayed after account closure.

What should I do if I think my Chime data was compromised?

Place a credit freeze at all three major bureaus, change your Chime password, enable multifactor authentication, monitor your credit reports, and save any suspicious notifications you have received. If you believe you are a victim of identity theft, report it to the FTC at IdentityTheft.gov.

Written by

Sadia Parveen

Sadia Parveen is a content writer at ClassAction24.com who creates informational articles on class action lawsuits, consumer protection matters, and legal developments. Her work focuses on researching publicly available information and presenting it in a clear and neutral format for general readers. She does not provide legal advice or professional legal services.

EmailLinkedInFacebook