Massive $15.35M healthcare data breach payout—claim up to $25,000 before the December deadline

If you’ve ever had a medical scan or appointment in certain parts of the Northeast, you may want to take a closer look at your mailbox. A major healthcare provider is finalizing a $15.35 million class action settlement following a data breach that exposed sensitive information from more than 2.3 million patients. Those affected may be eligible for compensation of up to $25,000, depending on the type of loss they experienced.

What happened during the data breach​

In March 2022, cybercriminals successfully breached Shields Health Care Group’s digital defenses. For two weeks, from March 7 to March 21, hackers had unauthorized access to the company’s network. The fallout was serious: names, Social Security numbers, birthdates, medical record numbers, diagnoses, billing and insurance details, and even treatment information were all potentially compromised.

If you received a letter from Shields Health Care Group after July 25, 2022, you were likely among those affected. The breach didn’t just impact patients; it also affected over 50 partner facilities, making it one of the largest healthcare data breaches in recent years.

Why was a lawsuit filed?​

A class action lawsuit was filed, accusing Shields of failing to implement reasonable security measures and not notifying patients quickly enough after the breach. While Shields Health Care Group denies any wrongdoing (as is typical in these settlements), it agreed to pay $15.35 million to resolve the claims and move forward.

Who qualifies for payment?​

The settlement is divided into two groups:

• Massachusetts residents (State Action Settlement Class)
• All other US residents (Federal Action Settlement Class)

If your personal information was compromised in the March 2022 breach, you’re likely eligible, regardless of where you live in the US.

Also read: Don’t miss your chance to get up to $3,200 in energy savings before December 31

How much could you receive?​

The payout depends on how the breach affected you. There are three main categories:

1. Ordinary Losses (Up to $2,500)

• This covers out-of-pocket expenses, such as credit monitoring, credit report fees, long-distance phone charges, postage, and up to five hours of your time spent dealing with the breach (at $30/hour).

2. Extraordinary Losses (Up to $25,000)

• If you suffered more serious consequences, such as identity theft, fraudulent tax returns, financial fraud, or government benefits fraud, you can claim up to $25,000.
• You’ll need to show documentation of these losses, and you can also claim up to 20 hours of your time spent addressing the fallout (again, at $30/hour).

3. No Loss? You Still Get $50

• Even if you didn’t experience any direct losses, you can claim a one-time payment of $50. It’s a small token, but it’s better than nothing for the inconvenience and risk.

Also read: Struggling with high energy bills? This new program could help Americans save up to $432 starting this November

How to file your claim​

Option 1: File online (fastest method)

Visit the official settlement website at ShieldsDataSettlement.com. You'll need to:

• Complete the claim form with your personal information
• Upload supporting documents (receipts, statements, etc.)
• Submit before the December 3, 2025 deadline

Option 2: Mail your claim

Download the claim form from the settlement website or request one by calling 1-855-361-2172.

Important Dates to Remember:

• Claim Deadline: December 3, 2025
• Opt-Out/Objection Deadline: November 25, 2025
• Final Approval Hearing: December 16, 2025

Also read: You could qualify for $1,000s in medical debt relief—see if yours will be cleared automatically

Read next:

• Up to $237 is available in a new privacy settlement—here’s who qualifies
• Are you eligible for December’s $350 energy credit? Here’s how to find out
• Are you owed money? Wells Fargo to send out checks up to $5,000 after major settlement

Key Takeaways

• Shields Health Care Group has agreed to a $15.35 million class action settlement after a major 2022 data breach compromised the personal information of more than 2.3 million patients.
• Eligible class members can claim up to $2,500 for ordinary losses (such as credit monitoring or time lost) or up to $25,000 for extraordinary losses like identity theft, provided they can supply supporting documentation.
• All affected Americans, including those who didn’t suffer specific losses, can claim a one-time $50 cash payment. Claims must be lodged online or by mail before December 3, 2025.
• The settlement is open to residents of Massachusetts and other states, with the final approval hearing for the deal scheduled for December 16, 2025.

Were you affected by the Shields Health Care Group breach? Have you ever dealt with identity theft or a data breach before? Do you have tips for keeping your information safe?