The Tyler Technologies ransomware data breach class action lawsuit (Casey v. Tyler Technologies, Inc.) addresses a significant cybersecurity incident that compromised sensitive personal information belonging to thousands of individuals across multiple states. On March 23, 2024, the LockBit ransomware gang infiltrated Tyler Technologies’ isolated private cloud segment that hosted the STAR platform—a regulatory-filing system used by government agencies including the District of Columbia Department of Insurance, Securities & Banking (DISB).
The breach exposed names, Social Security numbers, dates of birth, driver’s license numbers, and other personally identifiable information, with attackers claiming to possess approximately 800GB of data from state agencies and financial institutions. The settlement in this case was finalized on August 21, 2025, with Tyler Technologies agreeing to pay eligible victims up to $3,500 for documented identity theft losses or a flat $75 for those without documented losses, plus 36 months of credit monitoring and identity theft protection coverage. However, it’s critical to note that the deadline to file a claim was May 29, 2025—claims submitted after this date are generally not eligible for compensation. If you were affected by this breach and missed the deadline, you may still have limited options through the settlement administrator’s claims process.
Table of Contents
- What Happened During the Tyler Technologies Security Breach?
- What Data Was Compromised in the Breach?
- How Did the Class Action Lawsuit Develop?
- What Compensation Are Victims Eligible to Receive?
- Critical Deadline and Claim Filing Process
- How Did the Breach Impact Regulatory Agencies?
- What This Breach Reveals About Government Contractor Security
- Conclusion
What Happened During the Tyler Technologies Security Breach?
The Tyler Technologies data breach originated when the LockBit ransomware gang gained unauthorized access to a segment of the company’s private cloud infrastructure on March 23, 2024. Rather than encrypting files and demanding a ransom (the typical ransomware approach), LockBit appears to have focused on data exfiltration—stealing files before their presence was discovered. The attackers specifically targeted the STAR platform, which serves as the regulatory filing system for various government bodies, meaning the compromised data included highly sensitive government and financial records, not just consumer information.
Tyler Technologies is one of the largest software providers to local and state government agencies, serving courts, public safety departments, and financial regulators nationwide. This makes the breach particularly significant because the stolen data wasn’t limited to one entity; it affected multiple state agencies and financial institutions that use the STAR platform. For example, the D.C. Department of Insurance, Securities & Banking confirmed its records were among those accessed, containing sensitive financial and identity information for residents who had filed regulatory documentation.
What Data Was Compromised in the Breach?
The information stolen in the Tyler Technologies breach included core identifying details that pose significant identity theft risks: names, Social Security numbers, dates of birth, and driver’s license numbers. LockBit claimed to have extracted approximately 800GB of files from affected agencies including DISB, the SEC filings through related systems, Delaware banking institutions, and other financial entities. While the gang initially leaked only about 1GB of files publicly, the total scope of data they possessed was far larger, creating ongoing risk for millions of potentially affected individuals.
The compromised data categories make this breach particularly dangerous because they represent the essential information needed to commit identity fraud—opening credit accounts, filing false tax returns, or obtaining loans in victims’ names. A critical limitation of the settlement is that compensation for documented losses only applies to those who can prove actual financial fraud or identity theft occurred after the breach. Many victims may not discover fraudulent activity for months or years, and by that point, they may face difficulties establishing that the fraud originated from the Tyler Technologies breach specifically.
How Did the Class Action Lawsuit Develop?
The class action lawsuit, Casey v. Tyler Technologies, Inc., was filed in the District Court of Oklahoma County, State of Oklahoma (Case No. CJ-2024-5929) and was also docketed in the U.S. District Court for the Eastern District of Texas (2:2024cv00425). The lawsuit accused Tyler Technologies of failing to implement adequate security measures to protect the sensitive data stored on its systems.
Despite the serious nature of the breach and the company’s significant resources, Tyler Technologies had not adequately protected a segment of its private cloud infrastructure from sophisticated ransomware attacks—a failure that had real consequences for hundreds of thousands of individuals across the country. Tyler Technologies did not admit wrongdoing but agreed to settle the case to avoid further litigation costs and reputational damage. This is a common approach in data breach settlements where companies deny liability while still providing compensation to affected parties. The settlement was granted final approval on August 21, 2025, meaning all negotiation and court approval processes were complete. From that point forward, eligible victims could begin filing claims through the official settlement portal at tylerdatasettlement.com.
What Compensation Are Victims Eligible to Receive?
The settlement provides tiered compensation based on whether victims can document actual losses from fraud or identity theft. Those with documented losses—such as fraudulent credit card charges, unauthorized loans, or false tax filings—can claim up to $3,500 in compensation. For those without documented losses, the settlement provides a flat $75 payment intended to compensate for time and inconvenience spent dealing with the breach aftermath. Compared to many major data breach settlements, these amounts are moderate; some settlement pools for large-scale identity theft cases have offered $5,000 or more per victim, though eligibility requirements were often stricter.
Beyond monetary compensation, all eligible class members receive 36 months of credit monitoring and identity theft protection services. This package includes one-bureau credit monitoring (which tracks credit activity with one of the three major credit bureaus), identity theft insurance with coverage up to $1,000,000, and access to a fraud resolution agent who can help dispute fraudulent accounts and restore a victim’s identity. The tradeoff is that while 36 months of monitoring is valuable, it represents protection for only three years—after that period ends, victims must pay for monitoring themselves if they choose to continue it. Given that identity theft can occur years after a data breach, the three-year window is helpful but ultimately limited.
Critical Deadline and Claim Filing Process
The claim deadline for the Tyler Technologies settlement was May 29, 2025—meaning claims had to be filed online or postmarked by that date to be eligible for compensation. This is an important limitation that affects many potential victims: if you did not submit a claim by May 29, 2025, you are likely ineligible for the monetary settlement compensation, though you may still be enrolled in the credit monitoring services if you were part of the affected population. The settlement administrator determined eligibility based on exposure to the breach, which was generally established through government records or notification lists maintained by affected agencies.
To file a claim, victims were required to use the official settlement portal at tylerdatasettlement.com and provide proof of losses (for the up-to-$3,500 category) or simply verify their identity and eligibility for the $75 flat payment. The warning here is that scammers have been known to impersonate settlement administrators with fraudulent claims websites or emails. Legitimate settlement communications come only from the official portal and associated notices from the court-appointed claims administrator—never from unsolicited emails or calls requesting personal information or claiming to expedite your claim.
How Did the Breach Impact Regulatory Agencies?
The breach had significant consequences for the government agencies that rely on the STAR platform for regulatory filing operations. For instance, the D.C. Department of Insurance, Securities & Banking had to notify affected individuals, coordinate with law enforcement, and establish procedures to monitor for fraudulent activity involving the compromised records.
When government databases are breached, the ripple effects extend beyond the data itself—agencies must rebuild public trust, implement enhanced security protocols, and often increase their IT budgets to prevent future incidents. This breach serves as a real-world example of why government cybersecurity is a critical concern. Unlike private companies that might absorb a breach as a cost of doing business, government agencies handle public financial records and regulatory information that affects entire communities. The incident prompted conversations about stronger vendor management requirements—ensuring that government contractors like Tyler Technologies maintain security standards commensurate with the sensitivity of the data they handle.
What This Breach Reveals About Government Contractor Security
The Tyler Technologies breach highlights a persistent vulnerability in the way government agencies rely on third-party vendors for critical infrastructure. Tyler Technologies serves thousands of local and state agencies nationwide, meaning a single security failure at the company can cascade across multiple jurisdictions and affect millions of residents. While the company is a legitimate, established software provider, the incident demonstrates that size and reputation alone do not guarantee adequate cybersecurity practices.
Going forward, the breach has prompted greater scrutiny of vendor security protocols in government procurement. Agencies are increasingly requiring cybersecurity audits, mandating specific security standards, and implementing contractual penalties for data breaches. For residents, this event underscores the importance of monitoring credit reports regularly and considering paid credit monitoring services that extend beyond the three-year settlement window. The Tyler Technologies case serves as a reminder that even established companies handling sensitive government data can be vulnerable to sophisticated ransomware attacks.
Conclusion
The Tyler Technologies ransomware data breach class action settlement provides compensation and monitoring services to victims of a significant 2024 cybersecurity incident that compromised personal identifying information across multiple state agencies and financial institutions. Eligible victims who filed claims by the May 29, 2025 deadline can receive up to $3,500 for documented losses or a flat $75 payment, along with 36 months of credit monitoring and identity theft protection services valued at $1,000,000 in insurance coverage.
However, the claim deadline has now passed, and individuals who did not submit claims by that date are generally ineligible for monetary compensation. If you believe you were affected by this breach, take immediate steps to protect yourself: obtain your free annual credit report at annualcreditreport.com, monitor your credit regularly for unauthorized accounts, consider additional identity theft protection beyond the three-year settlement window, and report any suspicious activity to the Federal Trade Commission at reportfraud.ftc.gov. While the settlement process is now in the claim-filing phase, understanding what happened and remaining vigilant about your financial accounts remains essential for long-term identity protection.