Subscribe To Our Newsletter
Subscribe To Our Newsletter
A consolidated class action lawsuit filed against Hillcrest Convalescent Center, Inc.—a North Carolina-based provider of senior care, assisted living, and short-term rehabilitation services alleged that the company failed to implement adequate cybersecurity measures. This security gap reportedly allowed an unauthorized foreign threat actor to breach Hillcrest’s computer network and access sensitive files.
The private information compromised during the senior care facility cyberattack contains highly confidential data categories. According to the lawsuit, the files accessed by the digital hackers included full names, home addresses, dates of birth, financial account details, driver’s license numbers, and other government-issued identification numbers.
Crucially, because Hillcrest is a specialized medical facility, the breach also exposed deep health-related information, such as patient care data, medical treatment details, health insurance records, and specific provider information. For a subset of roughly 20,000 individuals—designated as the “Group 1” subclass—the compromised data also included Social Security numbers, significantly elevating the risk of severe identity fraud.
If you were personally impacted by this healthcare data security failure, you do not have to stand alone against the fallout. All eligible settlement class members can file a claim to receive up to $2,500 in cash reimbursement for verified, out-of-pocket expenses and monetary losses incurred between June 27, 2024, and August 26, 2026.
This financial benefit is designed to cover out-of-pocket losses directly traceable to the breach, including costs associated with fraud or identity theft, bank fees, and fees paid to purchase credit reports. It also covers expenses related to credit monitoring services, placing freezes or unfreezes on credit files, and replacing government-issued identification cards. To secure this payout, you must submit supporting documentation like receipts, statements, or invoices.
Recognizing that a breach of core identity records causes immediate harm, the settlement provides an alternative cash remedy for individuals facing the highest risks. If your Social Security number was among the data potentially compromised in the attack, you are considered a member of the Group 1 settlement subclass.
Group 1 members have the option to bypass the out-of-pocket loss claim process entirely and instead file a claim for a flat, alternative cash payment estimated at $50. No receipts or documentation of identity fraud are required to claim this cash. However, class members whose Social Security numbers were not exposed cannot claim this alternative cash, though they remain fully eligible for all other settlement benefits.
To help you safeguard your personal information in the digital space moving forward, the settlement provides free corporate credit defense tools. All eligible class members, regardless of which subclass they belong to, can submit a claim form to receive two full years of CyEx Identity Defense Complete.
This comprehensive protective package includes continuous credit monitoring through one major credit bureau to quickly alert you to any unauthorized activity on your credit profile. It also features robust identity theft insurance coverage to provide an extra layer of financial security, helping everyday people reclaim peace of mind while navigating their personal and medical records online.
Medical and senior care providers are bound by strict legal and ethical duties to secure the extensive personal data they collect from patients and employees. When digital defense systems fail, class action lawsuits give everyday people a mechanism to hold companies accountable for data vulnerabilities.
This consolidated action, officially titled In re Hillcrest Convalescent Center, Inc. (Case No. 25CV002700-310), was brought before the General Court of Justice in Durham County, North Carolina. The lawsuit combined multiple separate legal actions into a single case, gaining preliminary court approval on April 27, 2026, to ensure a unified path to justice for the thousands of affected individuals.
You may be eligible to participate in this data breach settlement if you are a living individual residing in the United States and your private personal, financial, or medical information was implicated in the June 2024 Hillcrest Convalescent Center security incident.
Generally, if you were a patient, resident, or employee at a Hillcrest facility and received an official notice letter or email regarding this specific data breach, you are considered an eligible class member. The formal notice will also clarify whether you belong to the Group 1 subclass whose Social Security numbers were exposed.
To collect your cash payout or activate your complimentary identity defense protection, you must actively submit a valid claim form before the court-ordered deadline. You can easily complete and file your claim online by visiting the official court-approved website at HCCDataSettlement.com.
To log into the secure online claims portal, you will need to input the unique ID and PIN listed on the physical settlement notice you received. If you prefer a offline method, you can download a printable PDF copy of the claim form from the portal, fill it out completely, and return it via standard mail to the designated settlement administrator.
When participating in a class action settlement, keeping track of strict legal deadlines is critical, as missing a cutoff means giving up your right to any compensation. The court will host a final approval hearing on August 24, 2026, to review the fairness of the deal and make a final determination on the settlement.
The absolute final deadline to file a valid claim form—either submitted online through the portal or postmarked via standard mail—is August 26, 2026. Financial compensation and identity defense activation codes will be distributed by the administrator only after the court grants its final approval and all potential legal appeals are fully resolved.
New cases and investigations, settlement deadlines, and news straight to your inbox.
