Capital Health 4.5M Settlement Over 2023 Data Breach Exposing Personal Data
Deadline
Deadline: April 6, 2026
Total Settlement Amount
Total amount allocated for all claims
Individual Payout Range
Estimated amount per eligible claim
Proof of Purchase
For reimbursement of documented losses (up to $5,000), claimants must provide third-party proof of the losses tied to the breach, such as receipts, invoices, or bank/credit card statements (e.g., identity theft or fraud costs, credit monitoring purchases, professional fees). Self-created or self-prepared documents alone are not accepted. No loss documentation is required for the $100 alternative payment, but a timely, valid claim form is still required.
Settlement Summary
Capital Health, a New Jersey– and Pennsylvania–based health system, agreed to a $4.5 million settlement after a 2023 cyber incident (Nov. 11–26, 2023) potentially exposed patients’ and consumers’ sensitive data, including Social Security numbers, clinical/health information, and contact details. Health care organizations are frequent targets because medical records can’t be “reset” like passwords and are highly valuable for identity theft and insurance fraud, making even a short breach window potentially serious for large patient populations. The lawsuit, *In re: Capital Health Data Breach Litigation* (D.N.J.), was filed on the theory that the breach—and resulting risk of misuse—stemmed from unreasonable cybersecurity practices and inadequate safeguards, even if the organization denies wrongdoing. The settlement’s structure reflects common data-breach harms: up to $5,000 for documented losses (such as fraud-related expenses or professional fees), a $100 alternative payment for those without documentation, and three years of credit monitoring, with payouts potentially adjusted depending on the number of claims. Beyond compensating affected people, these cases pressure health systems to strengthen security programs, logging/monitoring, employee training, and incident-response readiness because the cost of litigation and remediation can rival the cost of prevention. More broadly, this fits a growing wave of health care breach class actions where plaintiffs argue that exposure of personal and medical data creates concrete risks and out-of-pocket costs, and settlements often trade cash plus monitoring for releases of claims. The industry operates under a dense regulatory backdrop—most notably HIPAA’s Privacy and Security Rules and the HITECH Act’s breach-notification requirements, along with state data-breach notification laws in places like New Jersey and Pennsylvania—which together set expectations for “reasonable” safeguards and timely notice when protected information may have been accessed. Similar suits against hospitals, insurers, and vendors underscore a wider trend: as ransomware and third-party compromises increase, courts and regulators are treating cybersecurity not as an IT issue but as a core patient-safety and compliance obligation.
Entities Involved
Eligibility Requirements
- You are an individual whose personal information was compromised or potentially compromised in the Capital Health data breach
- The breach relates to the incident occurring between Nov. 11 and Nov. 26, 2023
- To receive money for documented losses, you must submit supporting third-party documentation (not self-prepared records)
- You must submit a valid claim form by April 6, 2026 to receive benefits
- If you wish to opt out or object, you must do so by March 9, 2026
Featured Investigations
Stay Updated
Subscribe to our newsletter for the latest settlement updates and news.
Important Notice About Filing Claims
Submitting false information in a settlement claim is considered perjury and will result in your claim being rejected. Fraudulent claims harm legitimate class members and may result in legal consequences.
If you are unsure about your eligibility for this settlement, please visit the official settlement administrator’s website using the link provided above. Review the eligibility criteria carefully before submitting a claim.
Class Action Champion is an independent information resource and is not affiliated with any settlement administrator, law firm, or court. We provide settlement information as a service to help connect eligible class members with legitimate settlements.