FOLLOW US

A federal judge in Georgia has granted final approval to the nextgen $19m data breach settlement approval, clearing the way for more than 1 million affected customers to seek compensation after a 2023 cyberattack exposed their personal information.

Following a brief hearing Tuesday, U.S. District Judge Thomas W. Thrash signed off on the $19 million-plus agreement between NextGen Healthcare and consumers whose data was compromised. The deal, first announced in October, resolves claims that the Georgia-based healthcare technology firm failed to adequately protect sensitive information stored on its systems.

Who Qualifies and What’s Covered

According to court filings, members of the settlement class can seek reimbursement for documented out-of-pocket losses up to $7,500, provided those losses are “fairly traceable” to the March 2023 breach.

Covered costs may include expenses linked to identity theft or fraud, credit freeze fees, credit report charges and credit monitoring services, among other related losses incurred after the breach.

The class encompasses approximately 1,049,396 individuals across the United States identified by NextGen as having had their personal information affected.

Allegations of Lax Security

The lawsuit, filed roughly two months after the breach and led by plaintiff Damon Miller, accused NextGen of cutting corners on cybersecurity measures and failing to promptly notify customers about the intrusion.

While the settlement does not constitute an admission of wrongdoing, it brings closure to claims that the company’s data safeguards were insufficient at a time when digital defenses are as vital as physical locks.

Legal Fees and Representation

Class counsel indicated in an October filing that they intend to seek attorneys’ fees of up to 33.3% of the settlement fund, along with reimbursement for reasonable litigation expenses.

The customers are represented by MaryBeth V. Gibson of Gibson Consumer Law Group LLC, J. Cameron Tribble of Barnes Law Group LLC and Norman E. Siegel of Stueve Siegel Hanson LLP.

NextGen is represented by attorneys Abby H. Meyer, Chris D. Lawrence and Kari Rollins of Sheppard Mullin Richter & Hampton LLP, along with Eric J. Breithaupt of Jones & Walden LLC.

With the judge’s final approval now in place, the settlement process can move forward — a milestone in a case that underscores the growing legal and financial consequences companies face when cyber defenses fail.