MOVEit Data Breach Settlement - Greater Rochester Independent Practice Association
$100–$10,000
What happened
GRIPA improperly secured personally identifiable information and protected healthcare information (names, dates of birth, Social Security numbers, health information, insurance information, and pharmacy data) through a vulnerable third-party file transfer software called MOVEit Transfer. A data breach occurred in May 2023 that exposed this information entrusted to GRIPA.
Do you qualify?
Anyone identified as a person whose Personally Identifiable Information and/or Protected Healthcare Information may have been accessed or exposed during the MOVEit Data Breach of GRIPA. Excludes GRIPA employees and officers, judges, and anyone who opts out of the settlement.
How to file
Complete and submit a Claim Form by September 3, 2026. Submit online using your Claimant ID and PIN provided on your notice, or mail a paper form postmarked by September 3, 2026. You can choose to claim reimbursement for losses (up to $2,500 ordinary, $10,000 extraordinary) or take a $100 alternative payment, plus two years of identity theft protection services.
New to class actions?
This summary was generated from public settlement documents and may contain errors. Confirm eligibility, deadlines, and payment terms on the official settlement website before filing. ClaimWatch is not a law firm and this is not legal advice. Filing a claim is free.
More privacy settlements
View all →Chattanooga Heart Institute Data Breach Settlement
Memorial Heart Institute experienced a cybersecurity incident between March 8 and March 16, 2023, which may have resulted in unauthorized access to or acquisition of individuals' private information including names, addresses, email, phone numbers, dates of birth, driver's license numbers, Social Security numbers, account information, health insurance information, diagnosis/condition information, lab results, and medications.
WISP, Inc. Data Privacy Settlement
WISP, Inc. allegedly disclosed customers' personal information to third parties through Meta Pixel and other tracking, analytics, and advertising technologies without consent, violating privacy laws including the Florida Security of Communications Act, California Invasion of Privacy Act, and Electronic Communications Privacy Act. The defendant denies all claims but agreed to settle to avoid ongoing litigation costs and uncertainties.
Up to $18
Richard Teague v. AGC America Data Breach Settlement
AGC America, Inc. experienced a December 2023 targeted cyberattack in which a third party gained unauthorized access to certain of the company's systems and may have accessed individuals' personal information including names, addresses, dates of birth, Social Security numbers, driver's license numbers, financial account information, passports, payment card numbers, company network login credentials, and limited health insurance plan enrollment information. AGC denies any liability or wrongdoing.
Dayton International Airport Parking FACTA Settlement
SP Plus Corporation allegedly printed the full expiration dates of credit cards and debit cards on electronically printed paper receipts issued to customers at Dayton International Airport. This violated FACTA (Fair and Accurate Credit Transactions Act) regulations regarding the display of sensitive payment card information.
Up to $23