Navvis and St. Louis-based SSM Health have agreed to a $6.5 million settlement to resolve allegations related to a 2023 data breach, according to an April 21 report by Top Class Actions.
Here are four things to know:
- The breach occurred in July 2023 and spanned nearly two weeks. It involved a ransomware attack that compromised sensitive data within the organizations’ shared operations. Navvis, a population health management company, collaborates closely with SSM Health.
- No admission of wrongdoing was made by either party. The settlement is intended to compensate individuals affected by the breach and resolve a class-action lawsuit filed in its aftermath.
- Eligible individuals can seek reimbursement for expenses related to the incident. Ordinary expenses—such as bank fees or credit monitoring—may be reimbursed up to $2,000. Victims of identity theft or significant financial harm may receive up to $5,000 for extraordinary expenses.
- Two years of free credit monitoring will be provided as part of the settlement.
