Staten Island University Hospital Data Breach Settlement Deadline: What To Do Before The Posted Deadline - Featured image
Illustration for Staten Island University Hospital Data Breach Sett

Staten Island University Hospital Data Breach Settlement Deadline: What To Do Before The Posted Deadline

If you received a notice about the Staten Island University Hospital data breach settlement, the most important thing you need to do right now is file...

If you received a notice about the Staten Island University Hospital data breach settlement, the most important thing you need to do right now is file your claim before the March 16, 2026 deadline at medibasesiuhdatabreachsettlement.com. You have three options: claim a flat $35 cash payment, request reimbursement for up to $1,000 in documented out-of-pocket losses, or enroll in two years of medical data monitoring with a $1 million identity theft insurance policy. For example, if you spent money on credit monitoring services after learning your data was exposed, you could file for reimbursement of those costs rather than taking the flat payment — but only if you act before the deadline passes. This settlement stems from Santiago et al.

V. Staten Island University Hospital, a lawsuit filed after an unauthorized third party breached the systems of The Medibase Group Inc., a vendor that provides healthcare solutions, technical assistance, and business office solutions to SIUH. The breach occurred in January 2024 and affected 35,106 individuals whose names, Social Security numbers, dates of birth, medical information, and health insurance information were compromised. SIUH denies wrongdoing but agreed to settle to avoid the cost of continued litigation.

Table of Contents

What Is the Staten Island University Hospital Data Breach Settlement Deadline and What Should You Do Before It?

There are actually multiple deadlines tied to this settlement, and they serve different purposes. The deadline to opt out or request exclusion from the settlement was March 2, 2026 — that date has already passed. The deadline to submit a claim is March 16, 2026, which is the one that matters most for anyone who wants compensation. After that, the final fairness hearing is scheduled for March 31, 2026, where a judge will decide whether to approve the settlement terms. If you do nothing before March 16, you lose your right to any of the three benefit options.

You would still be bound by the settlement terms, meaning you could not file your own individual lawsuit against SIUH over this breach, but you would walk away with nothing. Compare that to taking five minutes to file a claim for the $35 flat payment — there is no reason to leave that on the table if you qualify as a class member. Before the deadline, you should gather any documentation of expenses you incurred because of the breach. This includes receipts for credit monitoring services, records of time spent dealing with fraudulent charges, bank statements showing unauthorized transactions, or bills from identity theft recovery services. If you do not have documentation or did not suffer specific losses, the $35 flat payment requires no proof beyond your eligibility as a class member.

What Is the Staten Island University Hospital Data Breach Settlement Deadline and What Should You Do Before It?

How the Medibase Vendor Breach Exposed Patient Data at SIUH

The breach did not happen at Staten island University Hospital directly. It occurred at The Medibase Group Inc., a third-party vendor that handles healthcare solutions, technical assistance, and business office functions for SIUH. In January 2024, an unauthorized party gained access to Medibase’s systems. Medibase did not notify SIUH of the breach until May 8, 2024 — roughly four months after the intrusion. That delay matters.

If your data was compromised in January and you were not notified until months later, identity thieves had a significant head start. During that gap, affected individuals had no reason to monitor their accounts more closely or freeze their credit. The lawsuit asserted claims of negligence, negligence per se, breach of implied contract, and unjust enrichment — essentially arguing that SIUH and its vendor failed to adequately protect sensitive patient data and then failed to provide timely notice. However, if you were a patient at SIUH but your data was not processed through Medibase’s systems, you may not be a class member. The 35,106 affected individuals are specifically those whose information was in the Medibase systems that were compromised. If you are unsure whether you are included, check whether you received a direct notice by mail or visit the settlement website to verify your eligibility.

Staten Island University Hospital Data Breach Settlement OptionsFlat Cash Payment$35Max Expense Reimbursement$1000Identity Theft Insurance Coverage$1000000Monitoring Duration (Months)$24Affected Individuals (Thousands)$35Source: Santiago et al. v. Staten Island University Hospital Settlement

What Data Was Compromised and Why It Matters for Medical Identity Theft

The types of data exposed in this breach go beyond the typical name-and-email combination seen in many corporate data breaches. The compromised information included names, Social Security numbers, dates of birth, medical information, and health insurance information. That combination is particularly dangerous because it enables medical identity theft, which is far more difficult to detect and resolve than standard financial fraud. Medical identity theft occurs when someone uses your health insurance details or personal information to obtain medical care, prescription drugs, or to file fraudulent insurance claims under your name. For instance, if a thief uses your health insurance information to receive treatment, their medical records can become mixed with yours.

This can lead to incorrect information in your medical file — wrong blood type, inaccurate allergy listings, or false diagnoses — which can be life-threatening in an emergency. Unlike a stolen credit card number that you can cancel and replace in a day, correcting corrupted medical records can take months or years. This is precisely why the settlement includes a medical data monitoring option alongside the cash payment alternatives. Standard credit monitoring would not catch someone using your health insurance at a clinic two states away. The medical data monitoring benefit is specifically designed to flag that type of misuse.

What Data Was Compromised and Why It Matters for Medical Identity Theft

How to Choose Between the $35 Flat Payment, Expense Reimbursement, and Data Monitoring

Your first decision is whether you suffered actual out-of-pocket expenses because of the breach. If you paid for credit monitoring, spent hours on the phone disputing fraudulent charges, or incurred any costs tied directly to the January 2024 breach, you can file for reimbursement of documented losses up to $1,000 per class member. You will need receipts, statements, or other proof of those expenses. If your documented losses exceed $35, this is clearly the better financial option. If you did not have any specific expenses — or if the hassle of gathering documentation is not worth it for a small amount — the $35 flat cash payment is the simpler route.

You do not need to prove anything beyond your membership in the class. The tradeoff is straightforward: less money, less effort. The medical data monitoring option with the $1 million identity theft insurance policy serves a different purpose entirely. It does not put cash in your pocket today, but it provides ongoing protection for two years. If you have not already enrolled in some form of identity monitoring since the breach, this benefit has real practical value — especially given that the compromised data included Social Security numbers and medical records, which can be exploited long after the initial breach. You should be able to select the monitoring benefit alongside a cash option, but review the claim form carefully to confirm what combinations are permitted.

Common Problems When Filing Data Breach Settlement Claims

One frequent issue is submitting a claim without adequate documentation for the reimbursement option. If you select the up to $1,000 reimbursement path but attach vague or incomplete records, your claim may be reduced or denied. Be specific: include dates, amounts, and a clear explanation of how each expense relates to the breach. A credit card statement showing a $9.99 monthly charge for a monitoring service you subscribed to after May 2024, when notifications went out, is the kind of direct connection the claims administrator is looking for. Another problem is missing the deadline because you assume you can file later. Settlement claim periods are firm.

Unlike some government benefit programs that allow late applications with good cause, class action settlement deadlines are typically final. If you submit your claim on March 17, 2026, it will almost certainly be rejected regardless of the reason for the delay. Be cautious about third-party services that offer to file your claim for you in exchange for a percentage of your payment. For a $35 flat payment, giving up even 20 percent to a claims-filing service makes no sense. The claim form at medibasesiuhdatabreachsettlement.com is designed to be completed by individuals without legal help. If you run into difficulties, contact the settlement administrator directly through the official website rather than paying a middleman.

Common Problems When Filing Data Breach Settlement Claims

What Happens at the Final Fairness Hearing on March 31, 2026

After the claim deadline passes on March 16, the court will hold a final fairness hearing on March 31, 2026. At this hearing, the judge reviews whether the settlement terms are fair, reasonable, and adequate for the class members. If approved, the claims administrator will begin processing payments and enrolling people in monitoring services. If the judge requires modifications, there could be a delay.

For most class members, there is nothing you need to do for the hearing. Your claim submission before the deadline is what secures your place. The hearing primarily involves the attorneys representing both sides and any class members who chose to file objections before the earlier March 2 deadline. Payouts typically begin weeks to months after final approval, depending on the complexity of the claims review process.

Protecting Yourself Beyond the Settlement

A settlement payment or two years of monitoring will not make you permanently safe. Data that was exposed in January 2024 — particularly Social Security numbers — remains compromised indefinitely. After the monitoring period ends, consider placing a long-term credit freeze with all three major credit bureaus (Equifax, Experian, and TransUnion). A credit freeze is free and prevents anyone from opening new accounts in your name without your explicit authorization.

Going forward, watch for any unfamiliar medical bills, insurance explanation-of-benefits statements for services you did not receive, or calls from debt collectors about medical debts you do not recognize. These are hallmark signs of medical identity theft. The sooner you catch and report it, the easier it is to resolve. File reports with your insurance company, the healthcare provider involved, and the Federal Trade Commission at identitytheft.gov if you spot anything suspicious.

Frequently Asked Questions

Who is eligible for the Staten Island University Hospital data breach settlement?

You are eligible if you are one of the 35,106 individuals whose data was compromised in the January 2024 breach of Medibase Group Inc.’s systems. You should have received a notice by mail. You can also check your eligibility at medibasesiuhdatabreachsettlement.com.

What is the deadline to file a claim?

The deadline to submit a claim is March 16, 2026. The opt-out deadline of March 2, 2026 has already passed.

How much money will I receive from the settlement?

You can receive a flat payment of $35 with no documentation required, or up to $1,000 in reimbursement for documented out-of-pocket expenses caused by the breach. Alternatively, you can enroll in two years of medical data monitoring with a $1 million identity theft insurance policy.

Can I still sue Staten Island University Hospital on my own?

Only if you opted out of the settlement before the March 2, 2026 exclusion deadline. If you did not opt out, you are bound by the settlement terms and release your individual claims against SIUH related to this breach.

Was the breach at the hospital or at a vendor?

The breach occurred at The Medibase Group Inc., a third-party vendor that provides healthcare solutions and business office services to SIUH. Medibase discovered the breach in January 2024 and notified SIUH on May 8, 2024.

Where do I file my claim?

File your claim at the official settlement website: medibasesiuhdatabreachsettlement.com. Do not use third-party filing services that charge fees for submitting a simple claim form.

You Might Also Like

Browse more: Class Action | Uncategorized

Leave a Reply