Healthcare Data Breach Image

Medical Associates of Brevard Data Breach Settlement Opens for Patients

Healthcare data breach victims settle class action over patient information security breach lawsuit.

  • Data Breach Lawsuit

Last Update

lawsuitlike
lawsuitlike
lawsuitlike

About the Medical Associates of Brevard Settlement

If you received care from Medical Associates of Brevard, your personal information might have been compromised in a major cyberattack that hit the healthcare provider in January 2025. 

 

The attack potentially exposed sensitive data belonging to hundreds of thousands of patients, including Social Security numbers, medical records, and financial information. 

 

Medical Associates of Brevard has recently agreed to protect patient identities and reimburse patients for expenses caused by the data breach under a new settlement.

 

What Happened at Medical Associates of Brevard?

On January 24, 2025, cybercriminals allegedly launched a sophisticated attack on Medical Associates of Brevard's computer systems. 

 

The BianLian ransomware group claimed responsibility for the breach, stating they accessed extensive amounts of sensitive data, including patient personal information.

 

The compromised information potentially included the following sensitive data:

  • Full names and addresses
  • Social Security numbers
  • Dates of birth
  • Medical treatment information
  • Health insurance details
  • Driver's license numbers
  • Financial account information

 

Medical Associates of Brevard says it discovered the breach shortly after it occurred and immediately began working with third-party cybersecurity experts to secure their systems. 

 

Notifications sent

The healthcare provider submitted breach notifications to state authorities on September 5, 2025. According to the US Department of Health and Human Services, the incident affected 246,711 individuals.

 

Medical Associates of Brevard also sent notification letters to potentially affected patients, offering 12 to 24 months of free credit monitoring services through Experian. 

 

While the healthcare provider stated it found no evidence of information misuse at the time of notification, the company decided to settle all claims to avoid continuing litigation.

 

Privacy Claims Against Medical Associates of Brevard

Beloli v. Medical Associates of Brevard alleges the healthcare provider failed to implement adequate cybersecurity measures to protect patient information. 

 

According to the lawsuit, Medical Associates of Brevard was aware or should have been aware of vulnerabilities in its systems but prioritized other business concerns over patient data security.

 

Statute violation claims

Class plaintiffs also say that Medical Associates of Brevard violated several healthcare data protection standards, including potential HIPAA violations, after failing to:

  • Maintain appropriate security protocols for sensitive health information.
  • Implement industry-standard cybersecurity defenses.
  • Properly monitor their systems for unauthorized access.
  • Detect and respond timely to the cyberattack.

 

According to plaintiff attorneys, the healthcare provider had a special obligation to safeguard medical records and personal information under both federal and state laws.

 

Medical Associates of Brevard has not admitted any wrongdoing as part of the settlement agreement but stated that it has already enhanced its cybersecurity measures.

Who Can Participate in the Medical Associates Brevard Settlement?

Patients may qualify as settlement class members if they are US residents and had private information exposed in the January 24, 2025, Medical Associates of Brevard data incident. 

 

This group includes both current and former patients who received services from the healthcare provider prior to the breach occurring.

 

Breach notification letter 

Individuals who received notification letters from the healthcare organization are automatically eligible to participate in the settlement. 

 

Patients who didn't receive a letter but were members of the Medical Associates of Brevard group around the time of the breach should verify eligibility with the settlement administrator by phone (844) 496-1203 or email at [email protected].

 

Proposed Settlement Remedies 

The settlement agreement offers two distinct categories of benefits, designed to protect eligible class members and compensate them for losses resulting from the breach. 

 

Eligible class members may receive medical identity monitoring, while those who suffered financial losses can seek remedies for their out-of-pocket losses.

 

Medical data monitoring services

All settlement class members qualify for one year of CyEx Medical Shield Pro at no cost to them. 

 

This comprehensive medical identity protection service advertises:

  • $1 million in medical identity theft insurance coverage.
  • Healthcare insurance ID exposure monitoring to detect unauthorized use of your insurance.
  • Medical Record Number (MRN) exposure tracking to identify potential medical identity theft.
  • Unauthorized Health Savings Account (HSA) spending alerts.
  • Access to fraud resolution specialists who help resolve any issues that arise.
  • Real-time alerts when suspicious activity occurs with your medical information.

 

This specialized monitoring focuses specifically on healthcare-related identity theft, which traditional credit monitoring often misses. 

 

Reimbursement for documented losses

Eligible class members may also claim reimbursements up to $1,500 if the data breach caused them to incur out-of-pocket expenses. 

 

Eligible expenses must have occurred between January 24, 2025, and December 1, 2025, and include:

  • Identity theft or fraud losses directly related to the exposed information.
  • Credit report fees, credit monitoring services, or charges for credit freeze/unfreeze services.
  • Costs associated with replacing identification documents due to theft or fraud.
  • Postage expenses for mailing correspondence to financial institutions about fraud.
  • Other reasonable expenses connected to the data breach.

 

This remedy also requires documentation for all claimed expenses, such as bank statements, receipts, police reports, or credit card statements. 

 

How to File Your Medical Associates Brevard Data Breach Claim

 

Online claims

  1. Visit MedAssociatesBrevardDataBreach.com and click on "File a Claim."
  2. Enter your unique ID and PIN from your settlement notice letter.
  3. Verify your contact information and update if necessary.
  4. Select which benefits you want to claim.
  5. Upload documentation for any expense reimbursement requests.
  6. Review and submit your claim.

 

Mail-in claims 

Download the PDF claim form from the settlement website. Complete all sections, attach copies of your supporting documentation, and mail to:

 

MAB Data Incident Settlement

 c/o Settlement Administrator

 P.O. Box 25226

 Santa Ana, CA 92799

 

Remember to keep copies of all submissions for your records. The settlement administrators will send confirmation once they have received and processed your claim.

Important Settlement Deadlines and Court Dates

  • December 1, 2025 - Final deadline to submit claim forms. 
  • December 1, 2025 - Last day to opt out of the settlement.
  • December 16, 2025 - Final approval hearing.

 

The Medical Associates of Brevard data breach allegedly exposed highly sensitive information that cyberthieves could potentially exploit for years to come. 

 

Check eligibility or learn more about the lawsuit or settlement at www.medassociatesbrevarddatabreach.com.


Frequently Asked Questions (FAQ)

The January 2025 cyberattack exposed extensive patient information, including names, Social Security numbers, dates of birth, medical treatment records, health insurance details, driver's license numbers, and financial account information. The BianLian ransomware group claimed responsibility for accessing databases containing personal information, emails, and documents from approximately 247,000 patients.

 

Eligible settlement class members may receive two types of benefits: free medical identity monitoring services worth hundreds of dollars through CyEx Medical Shield Pro for one year, and cash reimbursement up to $1,500 for documented out-of-pocket losses incurred between January 24, 2025, and December 1, 2025. The actual amount depends on whether you experienced identity theft, fraud, or other breach-related expenses that you can document with receipts or statements.

 

No, you don't need an attorney to submit a settlement claim. The claims administrator designed the claims process for individuals to complete independently through the settlement website at MedAssociatesBrevardDataBreach.com or by mailing a paper form. The court-appointed class counsel already represents all settlement members at no cost, and their fees will be paid separately by Medical Associates of Brevard, not from your settlement benefits.

 

You're eligible if you're a US resident whose personal information was potentially compromised in the January 24, 2025, cyberattack on Medical Associates of Brevard's systems. Most eligible individuals received a notification letter from the healthcare provider, but even if you didn't receive one and were a patient before January 2025, you can contact the settlement administrator to check your eligibility online using any patient records or account information you have.

This is an advertisement. OnlyClassActions is not a law firm or referral service, and we do not provide legal advice. OnlyClassActions provides a free service for individuals seeking legal representation, and we do not charge you to be connected with an attorney. We do not recommend or endorse any attorneys that pay to participate. OnlyClassActions utilizes a pool of attorneys in each jurisdiction, and attorneys are selected through a round-robin process without our evaluating your legal situation when selecting which attorney will receive your information. OnlyClassActions makes no representation about the quality of legal services or the qualifications of any attorney participating in our pool. Information you submit will be shared with third-party attorney(s). An attorney-client relationship is not formed when you submit information through the form. Hiring a lawyer is a critical decision and should not be predicated solely on comments, advertisements, or other content found on any website. You are under no obligation to retain a lawyer who contacts you through this service.

Add Comment