Individuals affected by the Cornerstone Specialty Hospitals data breach may be eligible to claim up to $10,000 plus credit monitoring from a $2.35 million class action settlement.
If your personal information was compromised in the Cornerstone Specialty Hospitals data breach, there is a settlement with your name on it. Cornerstone Healthcare Group agreed to resolve a class action lawsuit stemming from a cybersecurity incident discovered in December 2023 that exposed the personal information of hundreds of thousands of patients and staff.
The company denies any wrongdoing but chose to settle rather than face a drawn-out trial. The result: real money and credit monitoring available to people who were affected – and you do not need a lawyer or extensive paperwork to get it.
Who can file a claim?
Individuals must meet all of the following criteria:
- Their private information was or may have been compromised in the Cornerstone Specialty Hospitals data incident discovered in December 2023.
- They received notification from Cornerstone Healthcare Group about the data breach.
- They are identified on the defendant’s settlement class list.
You may be eligible for up to $10,000 plus two years of credit monitoring. Filing takes just a few minutes.
File Your Claim NowHow much can class members receive?
Class members can claim several types of awards, depending on the type of data compromised and the documentation they provide:
- Documented ordinary losses: Up to $2,500 for out-of-pocket expenses incurred as a result of the data breach. Eligible expenses include credit monitoring costs, bank fees, travel costs, and postage. Requires non-self-prepared documentation such as receipts or third-party records.
- Documented extraordinary losses (SSN subclass only): Up to $10,000 for documented monetary losses from actual identity theft, fraud, falsified tax returns, or misuse traced to this breach. Requires detailed third-party documentation. Available only to individuals whose Social Security numbers were compromised.
- Pro rata cash payment: An equal share from the remaining settlement fund after fees and expenses. SSN subclass members receive three times the amount of non-SSN class members. No documentation required.
- Credit monitoring (SSN subclass): Two years of three-bureau credit monitoring with identity fraud protection at no cost. No documentation required.
How to claim a data breach payment
Class members can submit the online claim form on the settlement website. Alternatively, class members can download and print the mail-in claim form and send it to the settlement administrator. The claim deadline is May 8, 2026.
Cornerstone Data Incident Settlement Administrator, PO Box 2271, Baton Rouge, LA 70821
What proof or documentation is necessary to submit a claim?
- All claimants must confirm they received notice of the data incident from Cornerstone Healthcare Group.
- Claimants filing for ordinary losses must provide non-self-prepared receipts or documentation proving reasonable costs actually incurred as a result of the breach.
- Claimants filing for extraordinary losses must provide detailed documentation of identity theft, fraud, or misuse traced directly to the data incident. Losses must have occurred between December 1, 2023 and the claims deadline.
- Claimants filing for the pro rata cash payment or credit monitoring do not need to provide documentation.
Payout options
- Electronic payment (for online claim submissions)
- Physical check (for mailed claim forms)
Settlement fund breakdown
The $2,350,000 settlement fund covers:
When is the Cornerstone Specialty Hospitals data settlement payout date?
The settlement administrator will issue payments after the court grants final approval of the settlement and resolves any appeals. The final approval hearing is scheduled for May 14, 2026 at 1:30 PM EST. No specific payout date has been announced – this is standard at this stage of the process.
Why did this class action settlement happen?
The class action lawsuit alleged Cornerstone Healthcare Group experienced a cybersecurity incident discovered in December 2023 that exposed the personal information of approximately 483,000 individuals. The compromised data included names, dates of birth, addresses, driver’s license and government ID numbers, financial information, medical records, insurance details, and Social Security numbers.
Cornerstone Healthcare Group denies any wrongdoing but agreed to settle to avoid the uncertainty and expense of continued litigation.
Is the Cornerstone Specialty Hospitals data breach settlement legitimate?
Yes – this is a fully court-supervised settlement. Here is what confirms it:
- Case number: 3:24-cv-410-DJH, filed in the United States District Court for the Western District of Kentucky
- Administrator: EAG Claims, an independent third-party settlement administrator
- Official site: cshealthcaresettlement.com
- Notice: Sent directly by the settlement administrator to affected individuals
The settlement received preliminary court approval on January 8, 2026. Final approval is pending at the May 14, 2026 hearing. Claims must be filed before May 8, 2026 – no payments will be issued before final approval.
How much will I actually receive from the Cornerstone Specialty Hospitals settlement?
It depends on two things: whether your SSN was compromised and how many people file claims. The $2.35 million fund is split among all valid claimants.
- Pro rata cash payment (no docs needed) – everyone gets a share of the remaining fund. SSN subclass members receive three times what non-SSN members get. The exact amount depends on how many people file.
- Up to $2,500 (ordinary losses) – requires receipts or third-party records of breach-related expenses.
- Up to $10,000 (extraordinary losses, SSN subclass only) – requires detailed documentation of identity theft or fraud directly traced to this breach.
- Credit monitoring (SSN subclass) – two years of three-bureau monitoring, no documentation required.
The $10,000 headline figure is the theoretical maximum for SSN subclass members with documented extraordinary losses. Most people will receive the pro rata cash payment plus credit monitoring – which is still worth filing for.
What actually happened in the Cornerstone Specialty Hospitals data breach?
In December 2023, Cornerstone Healthcare Group – an acute-care hospital operator with facilities in Arizona, Arkansas, Louisiana, Oklahoma, Texas, and West Virginia – discovered a cybersecurity incident that exposed patient and staff personal information.
What was exposed: Names, dates of birth, addresses, driver’s license numbers, government ID numbers, financial information, medical records, health insurance details, and Social Security numbers for approximately 483,000 individuals, with roughly 74,959 in the SSN subclass.
What the lawsuit claims: That Cornerstone Healthcare Group failed to implement adequate cybersecurity protections as required under HIPAA and the FTC Act.
What Cornerstone says: They deny any wrongdoing – but agreed to a $2.35 million settlement rather than face trial.
Why do companies settle data breach lawsuits even when they deny wrongdoing?
Settlement does not mean admission of guilt. Companies settle for practical reasons:
- Litigation is expensive – legal fees alone can exceed the settlement amount
- Trials are unpredictable – a verdict could result in a far larger payout
- Settling ends years of ongoing litigation and negative press
- For plaintiffs, it guarantees a payout rather than risking nothing at trial
Courts still review every class action settlement to confirm it is fair and reasonable – that is what the May 14, 2026 final approval hearing is for. Denying wrongdoing while settling is standard practice and has no effect on your right to file a claim.