Staten Island University Hospital 1000 Settlement Over January 2024 Data Breach
Deadline
Deadline: March 16, 2026
Total Settlement Amount
Total amount allocated for all claims
Individual Payout Range
Estimated amount per eligible claim
Proof of Purchase
No documentation appears to be required based on the provided notice (listed as “Proof Required? No”).
Settlement Summary
Staten Island University Hospital (part of Northwell Health) reported that a January 2024 cybersecurity incident may have exposed certain patients’ and consumers’ personal information. Healthcare organizations are frequent targets because medical and insurance data can be used for identity theft, tax fraud, and medical fraud, and breaches can create long-lasting risks even when there’s no confirmed misuse. The proposed class action settlement website describes compensation ranging from $35 to $1,000 for people whose data was potentially affected, with a claims deadline of 3/16/26 and no proof of loss required to submit a claim. The lawsuit was filed on the theory that the hospital and/or its vendors did not implement reasonable safeguards to protect sensitive information and did not prevent or promptly mitigate the impact of the incident. Class actions like this matter because they can provide reimbursement or cash payments to many people who might otherwise have small individual claims, while also pressuring healthcare entities to improve security practices through settlement terms (often including enhanced security measures and/or credit monitoring). More broadly, these cases echo a steady wave of healthcare breach litigation nationwide—similar settlements have followed incidents involving hospitals, insurers, and third-party service providers—reflecting the reality that even “potential exposure” can be enough to trigger legal claims when the compromised data is regulated and hard to fully recover. Industry rules make the stakes higher: hospitals and many of their contractors are governed by HIPAA and the HITECH Act, which require safeguarding protected health information and, after a breach, notifying affected individuals and regulators; New York also has the SHIELD Act, which sets standards for “reasonable” data security and breach notification for private information. Plaintiffs in healthcare breach suits frequently rely on these frameworks, along with state consumer protection and negligence theories, to argue that inadequate security and delayed or incomplete disclosures increase the risk of fraud and the time and expense consumers must spend monitoring accounts, placing fraud alerts, or freezing credit. In that regulatory environment, settlements like this serve as both compensation mechanisms and a market signal that healthcare cybersecurity practices—and vendor oversight—carry legal and financial consequences when they fall short
Entities Involved
Eligibility Requirements
- You are an individual whose personal information may have been exposed in the Staten Island University Hospital data breach
- The exposure relates to the January 2024 incident
- You submit a claim by the deadline (March 16, 2026)
Featured Investigations
Stay Updated
Subscribe to our newsletter for the latest settlement updates and news.
Important Notice About Filing Claims
Submitting false information in a settlement claim is considered perjury and will result in your claim being rejected. Fraudulent claims harm legitimate class members and may result in legal consequences.
If you are unsure about your eligibility for this settlement, please visit the official settlement administrator’s website using the link provided above. Review the eligibility criteria carefully before submitting a claim.
Class Action Champion is an independent information resource and is not affiliated with any settlement administrator, law firm, or court. We provide settlement information as a service to help connect eligible class members with legitimate settlements.