Individuals notified of the Essen Medical data breach may be eligible to claim up to $5,000 for documented losses or a $100 cash payment from a $4,000,000 class action settlement.
If you received a breach notification letter from Essen Health Care following a March 2023 data breach, a settlement has been reached that could put real money in your pocket. Essen Medical Associates – a New York-based healthcare provider operating multiple medical facilities – agreed to a $4,000,000 settlement to resolve claims arising from a cybersecurity incident that potentially exposed the personal information of nearly 908,000 current and former patients.
Essen Health Care denies any wrongdoing but chose to settle rather than face prolonged litigation. The result is a compensation fund available to affected patients – and for many claimants, filing requires no documentation at all.
Who can file a claim?
Individuals must meet all of the following criteria:
- They reside in the United States.
- Their personal information was compromised in the Essen Health Care data breach that occurred between March 14 and March 22, 2023.
- They received a mailed breach notification letter from Essen Health Care regarding the incident.
The claim deadline is June 1, 2026. Filing takes just a few minutes online.
File Your Claim NowHow much can class members receive?
Class members can claim one of two compensation tiers depending on their documentation:
- Documented losses – up to $5,000: Covers fraud charges, identity theft expenses, credit monitoring costs, and other unreimbursed out-of-pocket losses traceable to the breach. Requires supporting documentation such as bank statements, credit card statements, receipts, or invoices.
- Cash fund payment – up to $100: A pro-rata cash payment available to all eligible class members with no documentation required. The final amount depends on the number of valid claims submitted – the $100 figure is the per-person cap.
How to claim a data breach payment
Class members can submit the online claim form at ehcsettlement.com or download and mail the PDF claim form to the settlement administrator. The claim deadline is June 1, 2026.
Essen Medical Data Breach Settlement Administrator
P.O. Box 2020
Portland, OR 97208-2020
Phone: 888-976-6880
What proof or documentation is necessary to submit a claim?
- Claimants filing for documented losses must provide supporting records such as bank or credit card statements, receipts, or invoices showing the expenses incurred as a result of the breach.
- Claimants filing for the cash fund payment do not need to provide any documentation – eligibility is based on receiving the mailed breach notification.
- All claimants should have their notification letter available, as it may contain information needed to complete the claim form.
Payout options
- Electronic payment (online claims)
- Physical check (mailed claims)
Settlement fund breakdown
The $4,000,000 settlement fund covers:
When is the Essen Medical data settlement payout date?
No specific payout date has been announced – this is standard at this stage of the process. The fairness hearing is scheduled for July 7, 2026, at which point the court will consider final approval of the settlement.
Payments will be issued after the court grants final approval and any appeal period expires. Class members who submit valid claims before the June 1, 2026 deadline will be paid once the process concludes.
Why did this class action settlement happen?
The class action lawsuit alleged that Essen Medical Associates experienced a cybersecurity incident between March 14 and March 22, 2023, during which unauthorized parties accessed systems containing the personal and medical information of nearly 908,000 current and former patients.
The plaintiff alleged that Essen Health Care failed to implement adequate data security measures and violated HIPAA, the FTC Act, and New York’s Deceptive Acts and Practices Act. The exposed data included highly sensitive information – full names, driver’s license numbers, passport numbers, dates of birth, medical diagnoses, health insurance details, and financial account information.
Essen Health Care denies any wrongdoing but agreed to settle to avoid the cost and uncertainty of a trial.
Is the Essen Medical data breach settlement legitimate?
Yes – this is a fully court-supervised settlement. Here’s what confirms it:
- Case number: 801239/2024E, filed in the Supreme Court of the State of New York, Bronx County
- Preliminary approval: Granted January 8, 2026
- Administrator: Epiq, an independent third-party settlement administrator
- Official site: ehcsettlement.com
- Notice: Sent directly by the administrator – not by Essen Health Care
The Essen Medical data breach settlement is pending final court approval at the July 7, 2026 fairness hearing. Claims must be filed before June 1, 2026 – no payments will be issued before final approval.
How much will I actually receive from the Essen Medical settlement?
It depends on two things: what you claim and how many people file. The cash fund is distributed pro-rata among all valid claimants, subject to the $100 per-person cap.
- Up to $100 (no docs needed) – the cash fund payment. This is the no-documentation path available to all eligible class members. The actual amount is pro-rata based on total valid claims.
- Up to $5,000 (documented losses) – requires bank statements, receipts, or invoices showing unreimbursed losses from fraud, identity theft, or credit monitoring expenses caused by the breach.
- Up to $5,100 total – the theoretical maximum if both a documented loss claim and cash fund payment are available to a claimant.
Most people will receive the $100 cash payment – which is still worth filing for, especially given the sensitivity of the medical and financial data that was exposed. With nearly 908,000 people affected, the pro-rata amount will depend heavily on claim volume.
What actually happened in the Essen Medical data breach?
Between March 14 and March 22, 2023, unauthorized actors gained access to systems operated by Essen Medical Associates – a New York-based healthcare provider running multiple medical facilities across the Bronx and surrounding areas under the Essen Health Care brand.
What was exposed: The breach affected approximately 907,782 current and former patients. Exposed data included full names, driver’s license numbers, state ID numbers, passport numbers, dates of birth, medical diagnoses, health insurance information, financial account information, and other medical information.
What the lawsuit claims: That Essen Health Care failed to implement reasonable data security measures to protect the highly sensitive personal and medical information entrusted to it by patients – and that it violated federal and state law in doing so.
Why do companies settle data breach lawsuits even when they deny wrongdoing?
Settlement does not mean admission of guilt. Companies settle data breach lawsuits for practical reasons that have nothing to do with liability:
- Litigation is expensive – legal fees alone can quickly exceed the settlement amount
- Trials are unpredictable – a jury verdict could result in a far larger payout than a negotiated settlement
- Settling ends years of ongoing litigation, depositions, and negative press coverage
- For plaintiffs, a settlement guarantees some compensation rather than risking nothing at trial
Courts still review every class action settlement to confirm it’s fair, reasonable, and adequate for the class – that’s what the July 7, 2026 fairness hearing is for. Denying wrongdoing while settling is standard practice and has no effect on your right to file a claim.
Sources
- Class notice – ehcsettlement.com
- Claim form – ehcsettlement.com
- Settlement agreement – ehcsettlement.com
- Settlement FAQ – ehcsettlement.com
- Important dates – ehcsettlement.com