$5M Medusind Settlement Ends Class Action Lawsuit Over December 2023 Data Breach

New to ClassAction.org? Read our Newswire Disclaimer

A $5 million class action settlement ends litigation against revenue management company Medusind over a December 2023 data breach that exposed the sensitive personal information of its healthcare provider clients’ patients.

Don’t miss out on class action settlement news like this. Sign up for ClassAction.org’s free weekly newsletter.

The Medusind data incident settlement received preliminary approval from the court on July 22, 2025 and covers all United States residents who were sent notice of the data breach by Medusind.

The court-approved website for the Medusind settlement can be found at MedusindDataIncidentSettlement.com.

Medusind settlement class members who submit a timely, valid claim form can receive either up to $5,000 in reimbursement for losses related to the data breach or a flat cash payment of $100, as well as two years of credit monitoring.

Class members who were California residents as of December 29, 2023 can submit a claim for an additional payment estimated to be about $100.

Cash payments from the Medusind settlement may be increased or decreased on a pro rata basis, depending on the total number of valid claims that are filed, the website states.

Per the settlement website, loss reimbursement through the deal is mutually exclusive from the flat cash payment of $100, as class members can choose only one of the two options. However, the credit monitoring and, if applicable, California resident payment available through the class action settlement can be claimed alongside any other settlement benefit, the website for the deal states.

In order to claim reimbursement, losses must be related to the Medusind data breach, and class members must submit reasonable documentation of each loss. The settlement website relays that a loss cannot be claimed if it has already been reimbursed by another source, such as through the identity protection and credit monitoring services provided in the original data breach notification from Medusind.

Examples of potential data breach-related expenses and losses, as well as what may be provided as reasonable documentation, are listed here.

The two years of credit monitoring services offered by the settlement include:

• Web-based monitoring of personal identifiable information such as banking information, Social Security numbers, credit/debit information, email addresses, medical ID numbers and phone numbers;
• Real-time monitoring of credit files; and
• Access to fraud consultation and identity theft restoration services, including access to agents to help investigate and resolve instances of identity theft.

To submit a claim form online, Medusind settlement class members can visit this page and log in with the unique ID and PIN found in their copy of the settlement notice.

Alternatively, a PDF of the claim form is available to print, fill out and mail back to the address listed on the form.

All claim forms must be submitted online or postmarked no later than December 29, 2025.

Additionally, Medusind has agreed, as part of the settlement, to implement additional cybersecurity measures to its systems to better protect the personal and private data it possesses.

A hearing is scheduled for January 12, 2026 to determine whether the settlement will receive final court approval. Settlement benefits will begin to be distributed to class members only after final approval has been granted and any appeals have been resolved.

The Medusind class action lawsuit claimed that the medical and dental billing and software company failed to properly safeguard the personal data in its possession against a cyberattack in which unauthorized third parties accessed the medical, personal and billing data of the patients of several healthcare providers.

Head to ClassAction.org’s settlements page for a complete list of data breach settlements.