CClaimWatch
← All settlements

Open privacy class action settlements

Class action settlements over privacy violations — website tracking, pixels, wiretapping, biometric data, and unauthorized data sharing.

2 days left · July 13, 2026No proof neededprivacy

WISP, Inc. Data Privacy Settlement

WISP, Inc. allegedly disclosed customers' personal information to third parties through Meta Pixel and other tracking, analytics, and advertising technologies without consent, violating privacy laws including the Florida Security of Communications Act, California Invasion of Privacy Act, and Electronic Communications Privacy Act. The defendant denies all claims but agreed to settle to avoid ongoing litigation costs and uncertainties.

Up to $18

2 days left · July 13, 2026privacy

Chattanooga Heart Institute Data Breach Settlement

Memorial Heart Institute experienced a cybersecurity incident between March 8 and March 16, 2023, which may have resulted in unauthorized access to or acquisition of individuals' private information including names, addresses, email, phone numbers, dates of birth, driver's license numbers, Social Security numbers, account information, health insurance information, diagnosis/condition information, lab results, and medications.

4 days left · July 15, 2026privacy

Dayton International Airport Parking FACTA Settlement

SP Plus Corporation allegedly printed the full expiration dates of credit cards and debit cards on electronically printed paper receipts issued to customers at Dayton International Airport. This violated FACTA (Fair and Accurate Credit Transactions Act) regulations regarding the display of sensitive payment card information.

Up to $23

4 days left · July 15, 2026privacy

Richard Teague v. AGC America Data Breach Settlement

AGC America, Inc. experienced a December 2023 targeted cyberattack in which a third party gained unauthorized access to certain of the company's systems and may have accessed individuals' personal information including names, addresses, dates of birth, Social Security numbers, driver's license numbers, financial account information, passports, payment card numbers, company network login credentials, and limited health insurance plan enrollment information. AGC denies any liability or wrongdoing.

7 days left · July 18, 2026privacy

Chapple v. Cross Valley Federal Credit Union Data Breach Settlement

Cross Valley Federal Credit Union experienced a cyberattack on its computer systems in December 2024. Certain files containing private information became accessible, potentially including full names, addresses, and Social Security numbers. The defendant denies wrongdoing, and the parties agreed to settle to avoid litigation costs and risks.

9 days left · July 20, 2026privacy

First Financial Security Data Breach Settlement

In 2023, cybercriminals bypassed First Financial Security's cybersecurity systems and executed a ransomware attack, encrypting data. The plaintiff alleges the breach gave criminals access to consumers' personal information including names, dates of birth, and Social Security Numbers, as well as protected health information. First Financial denies any wrongdoing.

9 days left · July 20, 2026privacy

Amy Walker v. New River Electrical Corp. Data Breach Settlement

Cybercriminals gained unauthorized access to New River Electrical Corporation's network during April-May 2024, potentially accessing and acquiring files containing the private information of approximately 9,845 individuals. The defendant denies all charges of wrongdoing or liability and states the settlement is not an admission of wrongdoing.

9 days left · July 20, 2026privacy

Youth and Shelter Services Data Incident Settlement

Youth and Shelter Services, Inc. experienced a cybersecurity incident in September 2023 in which certain files containing private information were potentially accessed. The data potentially compromised includes names, dates of birth, Social Security numbers, driver's license numbers, financial account information, medical information, health insurance information, billing & claims information, passport numbers, and other government-issued identification numbers. The Defendant denies wrongdoing.

10 days left · July 21, 2026privacy

Willow TV VPPA Settlement

Times Internet (UK) LTD, which operates Willow TV, is accused of improperly handling viewing data related to pre-recorded videos. The defendant denies violating any laws but has agreed to settle the case to avoid the costs and risks of continued litigation.

10 days left · July 21, 2026data breach

Union Bank and Trust Company Data Breach Settlement

Union Bank and Trust Company experienced a MOVEit security incident between May 27-31, 2023 that potentially exposed customers' personally identifiable information. The defendant denies any wrongdoing but has agreed to settle the lawsuit.

$100–$10,000

10 days left · July 21, 2026No proof neededprivacy

Jeffries v. Derick Dermatology PLLC Settlement

Derick Dermatology PLLC allegedly disclosed personal information to third parties through pixels, cookies, code, and tracking or analytics tools on its website without permission. The defendant denies violating any law but agreed to the settlement to avoid litigation costs and business disruption.

Up to $12.50

10 days left · July 21, 2026No proof neededprivacy

Thriveworks Privacy Settlement

Thriveworks disclosed sensitive information and private communications from its website to Google and LinkedIn without user consent, allegedly violating state and federal law. Thriveworks denies any violations but agreed to settle to avoid litigation costs and uncertainties.

Up to $10

11 days left · July 22, 2026No proof neededdata breach

Enroll Confidently Data Breach Settlement

Enroll Confidently Inc. experienced a data incident on or about February 13, 2024, that resulted in potential temporary unauthorized access to or acquisition of Settlement Class Members' Private Information, including names, addresses, Social Security numbers, dates of birth, health insurance and benefit information, and medical information.

$100–$3,500

12 days left · July 23, 2026data breach

SAG-AFTRA Health Plan Data Breach Settlement

SAG-AFTRA Health Plan experienced a data breach between September 17-18, 2024, in which personal information of plan members may have been compromised. The defendant denies any wrongdoing.

Up to $5,000

12 days left · July 23, 2026data breach

Gandara Mental Health Center Data Breach Settlement

Gandara Mental Health Center suffered unauthorized third-party access to its network, discovered on or around June 20, 2024, compromising private information of individuals. The defendant has agreed to implement appropriate security measures and pay for costs of notice, administrative expenses, service awards, and attorneys' fees.

16 days left · July 27, 2026privacy

PowerSchool Naviance Data Interception Settlement

PowerSchool, Hobsons, Heap, and Chicago Public Schools allegedly illegally intercepted students' confidential and sensitive communications while using the Naviance educational technology platform, violating wiretapping and privacy laws. The defendants deny wrongdoing but agreed to settle to avoid litigation expenses and uncertainties.

Pro rata share of the Settlement Fund (equal share among all approved claims)

17 days left · July 28, 2026privacy

Continental Cafe Holdings Data Incident Settlement

Continental Cafe Holdings, LLC experienced a cybersecurity event called the "Data Incident" that affected individuals' personal information. The company is settling a class action lawsuit brought by affected individuals by offering benefits including compensation for documented losses, credit monitoring services, and cash payments.

$0–$750

20 days left · July 31, 2026No proof neededprivacy

Barefoot Dreams Privacy Settlement

Barefoot Dreams disclosed customers' personal information to third parties through Meta Platforms and Attentive Mobile tracking technologies without consent, allegedly violating privacy laws including the Florida Security of Communications Act, Electronic Communications Privacy Act, and California Invasion of Privacy Act. The defendant denies all claims and maintains it did nothing wrong but agreed to the settlement to avoid litigation costs.

Up to $8

24 days left · August 4, 2026privacy

Esse Health Data Breach Settlement

Esse Health experienced a cyberattack on its computer systems in April 2025 that potentially compromised personally identifiable information and protected health information of patients, including names, addresses, dates of birth, health insurance information, Social Security numbers, medical record numbers, and certain health information. Esse Health denies it did anything wrong.

24 days left · August 4, 2026data breach

Fitzgerald Wealth Management Data Breach Settlement

Fitzgerald Wealth Management, LLC experienced a data incident in April 2025 that affected its computer systems. Certain files containing personal information were accessed. The defendant denies wrongdoing, and the parties have agreed to settle to avoid litigation costs and uncertainties.

25 days left · August 5, 2026privacy

Sprouts Farmers Market Settlement

Sprouts Farmers Market allegedly printed more than the last five digits of customers' credit card, debit card, or EBT card numbers on receipts, violating the Fair and Accurate Credit Transactions Act (FACTA). Sprouts denies the allegations but agreed to settle the consolidated class actions to avoid further litigation costs and appeals.

27 days left · August 7, 2026No proof neededprivacy

Motility Data Breach Settlement

Motility Software Solutions suffered a cybersecurity incident in August 2025 that resulted in potential unauthorized access to or acquisition of customers' private information, including names, addresses, email addresses, phone numbers, dates of birth, Social Security numbers, and driver's license numbers. The company has agreed to settle the class action without admitting wrongdoing.

$75–$5,000

28 days left · August 8, 2026data breach

LCPtracker Data Breach Settlement

LCPtracker suffered a targeted cyberattack on its computer systems in August 2024 in which certain files containing private information were accessed, including names and Social Security numbers. LCPtracker denies any wrongdoing, and the lawsuit has been settled to avoid further litigation costs and uncertainties.

31 days left · August 11, 2026data breach

Onsite Mammography Data Breach Settlement

An unauthorized third party gained access to one Onsite Mammography employee's email account in October 2024, and an investigation determined that certain files containing Settlement Class Members' personally identifiable information and protected health information may have been impacted. The defendant denies any wrongdoing and denies liability but has agreed to settle the lawsuit.

Pro Rata Cash Payment and reimbursement for out-of-pocket losses; Credit and Medical/Healthcare Data Monitoring and Insurance Services also available

31 days left · August 11, 2026privacy

Flagstar Data Breach Settlement

Flagstar Bank experienced two data breaches in January 2021 and December 2021 that impacted the personal information of approximately 2.2 million U.S. consumers, including about 364,000 California residents. The settlement resolves claims related to these breaches. Flagstar denies any wrongdoing.

$60–$599

32 days left · August 12, 2026privacy

Deanco Healthcare Data Breach Settlement

On May 1, 2023, Deanco Healthcare experienced a cybersecurity attack that compromised its IT network. A threat actor accessed database files containing sensitive personal information including addresses, dates of birth, Social Security numbers, driver's license numbers, financial account information, health insurance plan member IDs, claims data, and clinical information. Deanco has agreed to settle the resulting class action litigation.

$100–$5,000

34 days left · August 14, 2026No proof neededprivacy

St. Joseph Hospital Pixel Settlement

St. Joseph Hospital of Nashua, N.H. allegedly unlawfully collected, used, and disclosed personally identifiable information and protected health information of persons who used a MyChart patient portal account. The Defendant denies these allegations and denies all wrongdoing.

Up to $50

36 days left · August 16, 2026privacy

Williams v. Duke University Health System Settlement

The plaintiff claims Duke University Health System used a tracking tool on its website that disclosed personal or health-related information to a vendor when users accessed the Duke MyChart Patient Portal or MyDuke Health mobile app. Duke denies any wrongdoing and the court has not ruled that the defendant did anything wrong.

37 days left · August 17, 2026privacy

Alta Resources Corp. Data Breach Settlement

In November 2023, Alta Resources Corp. suffered a targeted cyberattack on its computer systems where certain files containing private information were accessed. The files may have contained personal information such as names, Social Security numbers, financial account information, taxpayer identification numbers, government-issued identification, and protected health information including health insurance and medical information. Alta denies wrongdoing, and the court has not decided who is right.

37 days left · August 17, 2026data breach

Riley, Pope & Laney Data Breach Settlement

Riley, Pope & Laney, LLC experienced a targeted cyberattack on its computer systems in August 2024. The attack compromised files containing private information, including first name or first initial and last name, and Social Security numbers.

37 days left · August 17, 2026data breach

GeoLogics Corporation Data Breach Settlement

GeoLogics Corporation experienced a targeted cyberattack on its computer systems in December 2023 that compromised private information files. The files may have contained personal information including names, addresses, phone numbers, dates of birth, photo identification, driver's licenses, and Social Security numbers. GeoLogics denies wrongdoing.

38 days left · August 18, 2026privacy

Wright Brothers Construction Company Data Breach Settlement

Wright Brothers Construction Company experienced a targeted cyberattack on its computer systems in April 2024. Files containing private information, such as names and Social Security numbers, were accessed during this data incident. Wright Brothers denies wrongdoing, and the court has not made a determination on the merits.

38 days left · August 18, 2026data breach

Ciuni & Panichi Data Breach Settlement

In November 2024, unauthorized individuals accessed a Ciuni & Panichi database containing personal information including names, Social Security numbers, and dates of birth. The defendant denies wrongdoing, but agreed to settle the class action lawsuit to end the litigation.

$125–$5,000

39 days left · August 19, 2026data breach

Mt. Baker Imaging Data Security Settlement

Mt. Baker Imaging and Northwest Radiologists experienced a ransomware attack between January 20-25, 2025, in which cybercriminals accessed and exfiltrated personally identifiable information (PII) and protected health information (PHI) affecting approximately 340,184 class members. Plaintiffs allege the defendants failed to implement and maintain necessary data security safeguards. Defendants deny wrongdoing but agreed to settle to avoid continued litigation.

Up to $5,000

39 days left · August 19, 2026privacy

Legends Hospitality Data Breach Settlement

Legends Hospitality, LLC suffered targeted cyberattacks on its computer systems in November 2024, December 2024, and January 2025. Certain files containing private information such as names, dates of birth, Social Security numbers, driver's license numbers, government ID numbers, financial information, medical information, and health insurance information were accessed. Legends Hospitality denies any wrongdoing.

39 days left · August 19, 2026privacy

WaterStreet Company Data Breach Settlement

WaterStreet Company experienced a cyber incident on March 17, 2025 (the "Data Incident") that resulted in unauthorized access to files containing private information. The exposed information included names along with one or more of the following: taxpayer identification numbers, bank account information, and/or Social Security numbers. WaterStreet denies doing anything wrong, and the parties agreed to settle the lawsuit to avoid the costs and risks of continuing litigation.

40 days left · August 20, 2026privacy

OBI Seafoods Data Incident Settlement

OBI Seafoods experienced a targeted cyberattack on its computer systems in August 2024. Files containing private information including names, Social Security numbers, addresses, dates of birth, medical information, health insurance details, government identifiers, and bank account information were accessed. OBI denies wrongdoing, and the parties agreed to settle to avoid litigation costs and uncertainties.

40 days left · August 20, 2026privacy

Wyssta Services Delta Dental Privacy Settlement

Wyssta Services allegedly installed and implemented advertising and analytics tracking technologies, such as cookies and pixels, on the Delta Dental website my.deltadentalcoversme.com without users' knowledge or consent, potentially violating the Electronic Communications Privacy Act and Illinois Eavesdropping Statute. The defendant denies all allegations and wrongdoing. The parties have agreed to settle to avoid the costs and risks of continuing the lawsuit.

41 days left · August 21, 2026privacy

Valladolid v. Memorial Health Services Data Privacy Settlement

Memorial Health Services allegedly disclosed patients' personally identifiable information to third parties through the Meta Pixel and other tracking, analytics, and advertising technologies without consent, violating the California Invasion of Privacy Act. The defendant denies all claims and maintains it did nothing wrong but agreed to settle to avoid the expense and burden of continuing the case.

44 days left · August 24, 2026privacy

McKenzie Memorial Hospital Data Breach Settlement

McKenzie Memorial Hospital experienced a targeted cyberattack on its computer systems in April 2025 that compromised files containing private information. The files may have included personal data such as names, addresses, dates of birth, Social Security numbers, patient account numbers, medical record numbers, and diagnosis and treatment information. McKenzie denies any wrongdoing.

44 days left · August 24, 2026data breach

Advanced Recovery Data Settlement

Advanced Recovery Equipment & Supplies, LLC experienced unauthorized access to its systems and files containing sensitive personal information, which was discovered in October 2024. The defendant denies any wrongdoing.

$50–$3,500

44 days left · August 24, 2026data breach

Machado v. CR&R Incorporated Data Breach Settlement

CR&R Incorporated experienced a targeted cyberattack on its computer systems on or about December 13, 2022. Certain files containing private information were accessed, potentially including names, Social Security numbers, financial account information, and health insurance information. CR&R denies wrongdoing, and the settlement was reached to avoid the costs and risks of continuing litigation.

46 days left · August 26, 2026privacy

Hillcrest Convalescent Center Data Breach Settlement

A cyberattack on Hillcrest Convalescent Center's computer systems occurred in June 2024 that may have resulted in unauthorized access to and acquisition of private information including names, addresses, financial account information, dates of birth, driver's license numbers, Social Security numbers, government-issued ID numbers, medical treatment information, health insurance information, and provider information. Hillcrest denies wrongdoing, and the parties agreed to settle to avoid costs and risks of continued litigation.

46 days left · August 26, 2026privacy

KYB Americas Corporation Data Incident Settlement

KYB Americas Corporation experienced a targeted data security incident on its computer systems in February 2025 in which certain files containing personal information were potentially accessed. KYB denies it did anything wrong, and the parties have agreed to settle the lawsuit to avoid the costs, risks, and uncertainties of continuing litigation.

46 days left · August 26, 2026privacy

Backchecked Data Breach Settlement

Backchecked, LLC was targeted by a cyberattack in September 2024 that compromised its computer systems. Certain files containing private information—including names, addresses, dates of birth, Social Security numbers, and driver's license numbers—may have been accessed. Backchecked denies any wrongdoing.

47 days left · August 27, 2026privacy

Henderson & Walton Women's Center Data Breach Settlement

Henderson & Walton Women's Center's computer systems experienced unauthorized access containing personal and protected health information between February 11, 2022, and February 14, 2022. The company has agreed to provide settlement benefits to affected individuals.

49 days left · August 29, 2026privacy

Call-On-Doc Pixel Settlement

Call-On-Doc used third-party tracking technologies called "tracking pixels" on its web pages. The plaintiffs claim this use violated certain California laws. Call-On-Doc denies wrongdoing, and the parties agreed to settle to avoid the costs and uncertainties of continuing litigation.

51 days left · August 31, 2026No proof neededprivacy

FitOn VPPA Settlement

FitOn Inc. allegedly disclosed subscribers' personally identifiable information to third parties without consent, violating the Video Privacy Protection Act (VPPA), which protects information about what video materials users have watched. FitOn denies that it violated any law.

Up to $10

51 days left · August 31, 2026privacy

FMC Services Data Breach Settlement

FMC Services, LLC experienced a data incident on or about July 26, 2022, when an unauthorized third party compromised personally identifiable information and personal health information of settlement class members. The company denies that any information was actually acquired.

52 days left · September 1, 2026privacy

Serviceaide Data Breach Settlement

Serviceaide, Inc.'s computer systems and network were compromised by unauthorized access between September 19, 2024, and November 5, 2024. This data breach exposed the private information of current and former patients of Catholic Health. The lawsuit alleges negligence, breach of implied contract, unjust enrichment, and invasion of privacy. The defendant denies all wrongdoing.

52 days left · September 1, 2026privacy

Crimson Wine Group Data Breach Settlement

Crimson Wine Group, Ltd. experienced a targeted cyberattack in or about June 2024 that accessed certain files containing private information, including names, Social Security numbers, and financial account information. The defendant denies wrongdoing, and the parties agreed to settle to avoid the costs and risks of continuing litigation.

54 days left · September 3, 2026privacy

MOVEit Data Breach Settlement - Greater Rochester Independent Practice Association

GRIPA improperly secured personally identifiable information and protected healthcare information (names, dates of birth, Social Security numbers, health information, insurance information, and pharmacy data) through a vulnerable third-party file transfer software called MOVEit Transfer. A data breach occurred in May 2023 that exposed this information entrusted to GRIPA.

$100–$10,000

54 days left · September 3, 2026privacy

Doe v. Okanogan Behavioral Healthcare Data Breach Settlement

Okanogan Behavioral Healthcare experienced unauthorized access to its systems in May 2024, exposing patients' sensitive personal information including names, addresses, dates of birth, Social Security numbers, driver's license numbers, medical information, and health insurance information. OBHC denies any wrongdoing.

$50–$5,350

56 days left · September 5, 2026No proof neededprivacy

Banner Health Data Breach Settlement

Banner Health disclosed patients' personally identifiable information and protected health information to third parties like Meta and Google through tracking technologies installed on its website and patient portal. Plaintiffs alleged this resulted in invasion of privacy and statutory violations. Banner denies all allegations of liability and wrongdoing.

Up to $20

59 days left · September 8, 2026privacy

Allina Pixel Settlement

Allina Health System allegedly disclosed certain personal or health-related information to third parties when users accessed the health system's websites or webpages. Allina Health System denies these allegations.

59 days left · September 8, 2026privacy

Lemonade Data Disclosure Settlement

Lemonade's online insurance quote platform experienced an unauthorized data exposure between April 2023 and September 18, 2024, compromising personal information such as driver's license numbers. Lemonade has agreed to settle the class action lawsuit related to this data incident.

60 days left · September 9, 2026data breach

Pineland Community Service Board Data Breach Settlement

Pineland Community Service Board experienced a cybersecurity incident from November 2024 to January 2025 that resulted in potential unauthorized access to or acquisition of settlement class members' private information, including names, dates of birth, Social Security numbers, and medical information. The defendant denies any wrongdoing or liability, but agreed to settle to avoid the risk, cost, and time of continuing the lawsuits.

65 days left · September 14, 2026privacy

Schuster Data Breach Settlement

In January 2024, Schuster Company experienced a cybersecurity incident that may have exposed Personal Information from their computer systems. Files potentially accessed contained names, Social Security numbers, dates of birth, and driver's license or state identification information. Schuster denies wrongdoing and the parties agreed to settle to avoid litigation costs and uncertainties.

67 days left · September 16, 2026data breach

Aspire Health Alliance Data Breach Settlement

Aspire Health Alliance suffered a targeted cyberattack on its computer systems in September 2023. Certain files containing private information were potentially accessed, including personal information such as names, dates of birth, dates of medical services, health insurance policy numbers, physician information, medical condition or treatment information, and Medicare or Medicaid numbers. Aspire denies wrongdoing, and the parties have agreed to settle to avoid further litigation costs and risks.

69 days left · September 18, 2026privacy

Naper Grove Vision Care Data Breach Settlement

Naper Grove Vision Care suffered a targeted cyberattack on its computer systems in May 2025. Files containing private information, including names combined with Social Security numbers and other non-public personally identifiable information, were accessed. The defendant denies wrongdoing, and the parties agreed to settle to avoid the costs and risks of continued litigation.

79 days left · September 28, 2026No proof neededprivacy

Mount Sinai Medical Center Data Breach Settlement

Mount Sinai Medical Center of Florida disclosed personally identifying information and protected health information of patients to third parties through tracking, analytics, and advertising technologies on its website and patient portal between June 2021 and September 2025.

Up to $20

79 days left · September 28, 2026privacy

Amy Crull v. University of St. Thomas Data Breach Settlement

Unauthorized access to the University of St. Thomas network between July 25 and August 12, 2025 compromised personal information including credit card numbers, bank account information, Social Security numbers, passports, licenses, login credentials, addresses, email addresses, phone numbers, and donor information. UST disputes the claims and denies wrongdoing.

$50–$5,100

79 days left · September 28, 2026privacy

Atrium Health Patient Portal Pixel Technology Settlement

Atrium Health is settling a class action lawsuit over its use of pixel technology on patient portal accounts. The defendant has agreed to settle the claims related to this alleged technology use on MyAtriumHealth or MyCarolinas patient portals.

80 days left · September 29, 2026privacy

Physicians' Primary Care Data Incident Settlement

Physicians' Primary Care of Southwest Florida suffered a targeted cyberattack in September 2024 that compromised computer systems and exposed files containing private information. The exposed data may have included names, Social Security numbers, and protected health information. The defendant denies wrongdoing.

81 days left · September 30, 2026data breach

ApolloMD Data Breach Settlement

An unauthorized third party accessed and/or acquired files containing Private Information of patients treated by ApolloMD's affiliated physicians and practices in a data security incident on or around May 22, 2025. The Defendant denies these claims and maintains it did not do anything wrong.

82 days left · October 1, 2026data breach

Healthcare Services Group Data Breach Settlement

A cybersecurity incident occurring on or around September 27, 2024, potentially exposed employee personally identifiable information including names, Social Security numbers, driver's license numbers, state identification numbers, financial account details, full access credentials, and medical and health insurance information. HCSG denies any wrongdoing.

Up to $5,000

96 days left · October 15, 2026privacy

Flo Period Tracker App Data Privacy Settlement

Flo Health Inc. operated a period and ovulation tracking app that allegedly shared users' menstruation and pregnancy information with third-party software development kits from Google, Flurry, and Meta between November 2016 and February 2019. The plaintiffs claimed this sharing violated privacy laws. Flo, Flurry, and Google deny any wrongdoing and agreed to settle to avoid further litigation costs and uncertainty.

103 days left · October 22, 2026data breach

Lands' End Data Breach Settlement

Lands' End experienced a data security incident in December 2024 that compromised customer information. Certain files containing personal information such as names, dates of birth, Social Security numbers, driver's license/passport information, and in limited cases medical information were potentially accessed. Lands' End denies wrongdoing.