RINA Accountants & Advisors has established a $400,000 settlement fund to compensate individuals whose personal information was exposed in a February 2022 data breach. The settlement, resulting from the case Cresse v. RINA Accountants & Advisors, offers affected individuals up to $10,000 per person to cover documented, unreimbursed economic losses directly caused by the breach.
For example, if an individual spent $500 on credit monitoring services or $2,000 on credit repair after discovering fraudulent accounts opened in their name, they could potentially recover those expenses through the settlement, up to the $10,000 maximum. The breach occurred on February 28, 2022, when an unauthorized third party gained access to RINA’s systems containing sensitive client data including Social Security numbers and other personally identifiable information. RINA did not publicly disclose the breach until August 1, 2022—more than five months later—giving affected individuals a delayed window to take protective action. The settlement also provides two years of complimentary credit monitoring enrollment for all Settlement Class Members, adding additional value beyond the cash compensation.
Table of Contents
- What Triggered the RINA Data Breach and How Did It Impact Clients?
- How Much Money Can Each Person Receive from the $400,000 RINA Settlement?
- Who Qualifies as an Eligible Member of the RINA Settlement Class?
- What Are the Steps to File a Claim for the RINA Settlement, and When Must You Act?
- What Credit Monitoring Services Does the Settlement Provide, and Are There Limitations?
- What Common Mistakes and Scams Should Settlement Class Members Avoid?
- How Does the RINA Settlement Compare to Other Accounting and Professional Services Firm Data Breaches?
What Triggered the RINA Data Breach and How Did It Impact Clients?
The February 28, 2022 breach at RINA Accountants & Advisors exposed the personal information of an unknown number of the firm’s clients and former clients. The unauthorized access gave a third party the ability to view and potentially extract sensitive data, including social Security numbers, which are among the most valuable pieces of personal information on the black market and to identity thieves. RINA operates as an accounting and advisory firm, meaning its files contain financial and tax information alongside contact details and identification numbers—a treasure trove for fraud purposes.
The delayed disclosure until August 1, 2022 is significant because it extended the window during which fraudsters could exploit the stolen data without the victims’ knowledge. For individuals whose information was compromised, those five months represented a crucial period when they had no reason to suspect their SSN and other details were in criminal hands. By contrast, some companies notify affected individuals within weeks, giving them more time to place fraud alerts and freeze their credit before any damage occurs.
How Much Money Can Each Person Receive from the $400,000 RINA Settlement?
The settlement fund totals $400,000 and will be distributed among all eligible Settlement Class Members, with the court-appointed administrator, Simpluris, overseeing the claims process. Each person can recover up to $10,000 for documented, unreimbursed economic losses they can prove were caused by the data breach. If you spent money on credit monitoring, credit report freezes, identity theft insurance, or credit repair services after learning about the breach, those expenses may qualify. medical bills or legal fees incurred while addressing identity theft or fraud are also potentially recoverable.
However, the $10,000 maximum per person is subject to a critical limitation: the total settlement fund is only $400,000. If many people submit claims for their full losses, the fund may run out before all claims are fully paid. For example, if 50 people each submit valid claims totaling $8,000 in losses, the fund would be exhausted at $400,000 and potentially unable to cover additional claimants fully. Claimants will only receive payment if they submit documented proof of their losses and if the settlement fund has sufficient money after all claims are processed. In many data breach settlements with this dynamic, approved claimants receive a proportional reduction if claims exceed available funds.
Who Qualifies as an Eligible Member of the RINA Settlement Class?
To be eligible for the RINA settlement, you must have received a RINA data breach notification letter indicating that your personal information was compromised in the February 2022 breach. The company sent these letters to all individuals whose data was exposed, which serves as the official eligibility verification. If you worked with RINA as a client or had interactions with the firm that resulted in your information being in their systems, and you received a notification letter, you are part of the Settlement Class.
one important limitation is that you must have actually received notice from RINA to be eligible. If your information was breached but you never received a notification letter—perhaps because your address on file was outdated, or for other reasons—you would need additional documentation to prove your membership in the Settlement Class. The claims process requires you to reference the notification letter or demonstrate your connection to RINA during the relevant time period. This means individuals who moved without updating their information with RINA, or who don’t remember receiving a letter, may face challenges substantiating their claim eligibility.
What Are the Steps to File a Claim for the RINA Settlement, and When Must You Act?
The critical deadline for submitting a claim is March 24, 2026. This means you must have your completed claim form and supporting documentation submitted to Simpluris by this date to be eligible for settlement compensation. To file, you need to visit the official settlement website at https://rinadatabreachsettlement.com/, where you’ll find claim forms and instructions specific to your situation. The process typically requires you to provide personal information to verify your identity, details about the breach notification letter you received, and documentation of any economic losses you’re claiming.
For supporting documentation, gather receipts, invoices, or bank statements showing the expenses you incurred as a result of the breach—credit monitoring bills, credit freeze fees, or statements from credit monitoring services you enrolled in after learning about the breach. Keep in mind that courts and settlement administrators scrutinize claimed expenses carefully; you’ll need proof that the expense was directly caused by the breach and that you paid it yourself. The March 24, 2026 deadline is absolute in most settlement agreements, meaning claims received even one day late are typically rejected. Given that this deadline is likely only weeks away from when many people will read this article, acting immediately is essential to avoid missing your opportunity entirely.
What Credit Monitoring Services Does the Settlement Provide, and Are There Limitations?
Beyond the cash settlement fund, all Settlement Class Members have access to two years of free credit monitoring enrollment. This benefit helps detect identity theft and fraudulent account creation in real time, providing early warning if someone tries to open accounts or make charges using your compromised information. The enrollment process is typically straightforward and available through the settlement administrator, Simpluris, or through the official settlement website. However, credit monitoring does have meaningful limitations.
While it alerts you to changes on your credit file and new accounts, it cannot prevent fraud before it happens. If a fraudster has your SSN and other personal details, they can still apply for credit cards or loans, and the monitoring service will only notify you after the fraudster has already applied and potentially been approved. Additionally, the two-year period is time-limited; after that window closes, you lose the free monitoring benefit. Many identity theft experts recommend that data breach victims place a credit freeze (which costs money but is more protective than monitoring) or at minimum set fraud alerts with the credit bureaus, actions that go beyond what the settlement’s monitoring benefit provides.
What Common Mistakes and Scams Should Settlement Class Members Avoid?
Scammers frequently target data breach settlements, knowing that affected individuals are already worried about identity theft and may be less cautious. Fraudulent websites or emails claiming to offer “help” filing the RINA claim are common; these malicious actors aim to harvest your personal information or trick you into paying fake filing fees. The only official settlement website is https://rinadatabreachsettlement.com/, and there is no legitimate filing fee. If anyone asks you to pay money upfront to file your claim, you are being scammed.
Another mistake is overstating or exaggerating claimed losses. While documenting every legitimate expense is appropriate, submitting inflated claims, claims for expenses that don’t connect to the breach, or losses you didn’t actually incur will result in claim denial and could expose you to fraud investigation. Settlement administrators and courts cross-reference claims, and discrepancies between what you claim and what documentation shows will be flagged. Additionally, do not share your settlement communication, notification letter, or personal information with anyone claiming to be a “claim processing helper” or representative of Simpluris, unless you initiated contact directly with the official settlement administrator.
How Does the RINA Settlement Compare to Other Accounting and Professional Services Firm Data Breaches?
Data breaches at accounting and tax preparation firms have become increasingly common in recent years, with firms like H&R Block, TaxACT, and others experiencing similar incidents. The RINA settlement of $400,000 with a $10,000 per-person cap falls in the mid-range for accounting firm breaches; some settlements have been smaller ($100,000 to $200,000 ranges), while others involving larger firms have reached into the millions. The two-year credit monitoring benefit is standard across most data breach settlements, though some better-resourced firms offer extended monitoring periods or broader identity theft protection services.
One forward-looking consideration is that data breach litigation and settlements are evolving. Newer settlements increasingly include requirements for the breached company to implement specific security improvements, audit protocols, or governance changes to prevent future incidents. Future claimants at firms that experience additional breaches may have stronger legal claims and potentially higher settlements if the prior incidents demonstrated negligence or failure to implement reasonable safeguards.
You Might Also Like
- WECA $500,000 Data Breach Class Action Settlement
- Varsity Brands $1.1 Million Data Breach Class Action Settlement
- Tri Counties Bank $1.185 Million Data Breach Class Action Settlement
Open Settlements You Can Claim Now
Browse current class action settlements accepting claims — several require no proof of purchase: