As reported by ME, a $16.5 million class-action settlement has been approved following the 2023 cyberattack on Harvard Pilgrim Health Care, which exposed sensitive data including Social Security numbers, medical records, and insurance information. While the company, now under Point32Health, denies any wrongdoing, it agreed to compensate impacted individuals for financial and time-related losses linked to the breach.
Source: youtube.com/@WCVB.
Eligible individuals have until August 25, 2025 to file a claim. The options include reimbursement of up to $2,500 for documented expenses such as fraud-related charges or identity theft services, compensation for up to seven hours of lost time at $30 per hour, or even extraordinary loss claims of up to $35,000 and 20 hours of lost time in severe cases. For those without receipts or documentation, a no-questions-asked $150 flat payment is also available. Additionally, three years of free credit monitoring is part of the settlement package.
The breach affected patients and members in Harvard Pilgrim’s New England coverage area, and anyone with data on file at the time of the incident may be eligible. The official Harvard Pilgrim Data Breach Settlement website outlines the full eligibility details and documentation requirements. In a landscape of frequent tech and health data breaches, this case serves as a reminder that timely filing can offer real compensation for privacy violations—so long as you act before the deadline.
