Emergency Medical Services Authority Settles $1.5M Data Breach Class Action
The Emergency Medical Services Authority (EMSA) has agreed to a $1.5 million settlement to resolve a class action lawsuit stemming from a data breach that occurred between February 10 and 13, 2024. The incident allegedly exposed sensitive personal information stored by EMSA, leading to claims of negligence in safeguarding the data.
Who Is Eligible?
The settlement covers U.S. residents whose private information was potentially compromised in the breach and who received a mailed notice from EMSA regarding the incident.
Compensation Details
Eligible class members may claim:
- Up to $3,000 for documented, unreimbursed expenses (e.g., bank fees, credit monitoring, professional services) incurred between February 10, 2024, and March 5, 2026.
- Up to $60 for lost time (four hours at $15/hour) spent addressing the breach, provided at least one full hour was dedicated to related tasks.
- Two years of single-bureau credit monitoring, if selected.
Payments will be distributed via check, PayPal, Venmo, Zelle, or a virtual prepaid card. If total valid claims exceed the $1.5 million fund, payouts will be reduced proportionally.
Key Deadlines
- Opt-out deadline: February 3, 2026
- Claim submission deadline: March 5, 2026
- Final approval hearing: April 6, 2026
- Payout distribution: Approximately 60 days after final court approval, pending appeals.
Settlement Fund Allocation
The $1.5 million fund covers:
- Settlement administration and notice costs (TBD)
- Up to $400,000 in attorneys’ fees and expenses
- Up to $5,000 in service awards for class representatives
- Remaining balance for eligible claims
Background
Plaintiffs alleged EMSA failed to adequately protect sensitive data, though the organization denies wrongdoing. The settlement was reached to avoid prolonged litigation.
Source: https://www.claimdepot.com/settlements/emsa-settlement
EMSA- Emergency Medical Services Authority cybersecurity rating report: https://www.rankiteo.com/company/emsaok
"id": "EMS1765391334",
"linkid": "emsaok",
"type": "Breach",
"date": "2/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Individuals whose private '
'information was stored by EMSA',
'industry': 'Emergency Medical Services',
'location': 'United States',
'name': 'Emergency Medical Services Authority',
'type': 'Government/Healthcare'}],
'customer_advisories': 'Mailed notices to affected individuals',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (personally identifiable '
'information)',
'type_of_data_compromised': 'Private information, sensitive '
'data'},
'date_detected': '2024-02-10',
'description': 'Emergency Medical Services Authority agreed to pay $1.5 '
'million to settle a class action lawsuit alleging a data '
'incident that occurred between Feb. 10, 2024, and Feb. 13, '
'2024, allowed unauthorized access to files containing private '
'information. The lawsuit claims the breach exposed the '
'sensitive data of individuals whose information Emergency '
'Medical Services Authority stored.',
'impact': {'data_compromised': 'Private information, sensitive data',
'financial_loss': '$1,500,000 (settlement fund)',
'identity_theft_risk': 'High (credit monitoring offered)',
'legal_liabilities': 'Class action lawsuit settlement'},
'investigation_status': 'Settled (class action)',
'post_incident_analysis': {'root_causes': 'Alleged negligence in protecting '
'sensitive data'},
'references': [{'source': 'Class action settlement notice'}],
'regulatory_compliance': {'legal_actions': 'Class action lawsuit'},
'response': {'communication_strategy': 'Mailed notices to affected '
'individuals'},
'title': 'Emergency Medical Services Authority $1.5M Data Breach',
'type': 'Data Breach'}