McPherson Hospital settles $500,000 class action lawsuit over 2022 data breach

McPherson Hospital, based in Kansas, has agreed to a $500,000 settlement to resolve a class action lawsuit alleging it failed to protect patient information during a 2022 data breach. The breach, which occurred in July 2022, exposed sensitive data belonging to approximately 3,000 patients. The incident was reportedly the result of a phishing attack in which an employee was tricked into providing login credentials, granting hackers access to private information.

The plaintiffs in the lawsuit argued that McPherson Hospital should have implemented stronger security measures to safeguard patient data. While the hospital denied any wrongdoing, it settled the claims to avoid prolonged litigation and provide remedies for those impacted by the breach.

Under the settlement terms, affected individuals are entitled to various forms of compensation. Class members can receive up to $400 to reimburse expenses such as bank fees, credit monitoring, and other breach costs. They may also claim compensation for lost time in managing the aftermath, with reimbursement offered at $30 per hour for up to three hours. For those who experienced significant financial losses, such as fraudulent charges or identity theft, additional reimbursement of up to $5,000 is available.

For class members who choose not to claim specific losses or lack documentation, an alternative cash payment of $75 is provided. Additionally, all class members are eligible for three years of free credit monitoring services as part of the settlement.

In a move beyond financial compensation, McPherson Hospital has committed to enhancing its cybersecurity measures to prevent future incidents. These improvements include policy updates, advanced cybersecurity tools, and better employee training to identify and mitigate phishing attempts and other cyber threats.

The deadline for submitting a claim form is January 29, 2025. Class members who wished to object to or exclude themselves from the settlement had to do so by December 30, 2024. A final approval hearing for the settlement is scheduled for February 5, 2025.