Subscribe To Our Newsletter
Subscribe To Our Newsletter
A $3.3 million class action settlement has been reached to resolve a data breach lawsuit against Washington-based medical providers Mt. Baker Imaging and Northwest Radiologists. The litigation followed a cyberattack between January 20 and January 25, 2025, that exposed the private health and personal records of thousands of patients nationwide.
The class action lawsuit, In re: Mt. Baker Imaging LLC, Data Security Litigation, was filed in the Superior Court of the State of Washington for Whatcom County. Affected patients launched the legal action after discovering that an unauthorized third party successfully breached the companies’ digital networks between January 20 and January 25, 2025. If your personal or medical data was compromised during this timeframe, you may be eligible to recover significant financial compensation and secure protective identity services.
Filing a claim allows everyday people to hold companies accountable for data negligence. When major medical providers fail to implement standard cybersecurity upgrades, it is the patients who suffer the long-term consequences of identity theft and financial fraud. This multi-million dollar fund ensures that impacted consumers do not stand alone when picking up the pieces after a major corporate data failure.
The cybersecurity failure at the center of this litigation impacted two prominent medical networks providing specialized services across Washington State. Mt. Baker Imaging and Northwest Radiologists operate as interconnected medical imaging and radiology providers, handling thousands of sensitive patient files, digital scans, and diagnostic records every single year.
According to the initial complaint, the security vulnerabilities allowed hackers to infiltrate the internal networks unchecked for a five-day period in early 2025. During this window, cybercriminals managed to gain access to databases containing highly restricted patient profiles. For the individuals affected, the exposure of this data created immediate risks of targeted phishing scams and complex financial identity theft.
The plaintiffs contended that both medical entities failed to deploy reasonable, up-to-date cybersecurity measures that are standard within the healthcare industry. In the modern digital landscape, medical providers are primary targets for hackers due to the high black-market value of complete patient profiles. The lawsuit argued that the defendants should have anticipated these digital threats and fortified their systems accordingly.
While Mt. Baker Imaging and Northwest Radiologists have denied all allegations of legal wrongdoing, the companies chose to establish a $3.3 million settlement fund to resolve the litigation. This fund is structured to provide direct financial assistance to consumers who incurred expenses while trying to protect their identities following the security incident.
Under the agreed terms of the settlement, eligible class members can claim direct reimbursement for documented out-of-pocket losses stemming from the breach. This includes a wide range of common financial burdens, such as unexpected bank fees, professional consultation expenses, unreimbursed fraud losses, credit monitoring subscriptions, communication fees, and documented travel or mileage expenses incurred while resolving identity issues. Class members can submit claims to receive up to $5,000 for these out-of-pocket damages.
In addition to expense reimbursement, every qualifying individual who files a valid claim will receive an equal, pro rata cash payment pulled from the remaining settlement fund. The final dollar amount of these individual checks will depend entirely on how many eligible class members participate before the final processing window closes.
Because medical data breaches carry long-term risks that extend far beyond immediate financial losses, the settlement features an integrated identity defense package. Unlike standard data breaches that only expose credit cards, healthcare data theft can lead to fraudulent medical billing and compromised insurance profiles that take years to unravel.
To address these unique risks, the settlement provides all participating class members with two full years of specialized medical identity theft protection and credit monitoring services. This security coverage is being supplied through CyEx, a prominent national digital security firm. The comprehensive plan includes active, single-bureau credit monitoring to watch for unauthorized accounts opened in your name.
More importantly, the CyEx package features specialized medical information protection. This service actively scans digital networks to ensure your healthcare credentials, diagnostic history, and patient identification numbers are not being traded illicitly or utilized by unauthorized individuals to obtain medical treatment.
To determine whether you can participate in this multi-million dollar fund, you must meet the specific geographic and chronological criteria established by the Washington court. You may be eligible to secure these benefits if your private personal or medical information was actually or potentially compromised during the Mt. Baker Imaging and Northwest Radiologists data security breach that took place between January 20 and January 25, 2025.
The settlement is open to individuals nationwide, provided their records were part of the systems breached during that specific five-day window. If you received a formal data breach notification letter from Mt. Baker Imaging or Northwest Radiologists regarding the January 2025 event, you are highly likely to be considered an official class member.
It is important to remember that filing a claim is done under penalty of perjury. Submitting a fraudulent claim harms eligible class members by reducing the pro rata cash distribution available to those who truly suffered damages. If you are uncertain about your status, you can review the official FAQ page hosted on the dedicated settlement website, MtBakerDataSettlement.com, to verify your details.
To secure your share of the cash fund or activate your complimentary credit monitoring services, you must act before the court-ordered windows expire. The most critical timeline for everyday people to remember is the final claim submission date. All valid claim forms must be completed and submitted to the claims administrator by August 19, 2026.
If you wish to opt out of the settlement to retain your right to sue the companies individually, or if you wish to formally object to the terms of the deal, you must submit your request for exclusion or objection by July 20, 2026. Missing this earlier deadline means you waive your right to pursue independent legal action regarding this specific data breach.
The Superior Court of Washington for Whatcom County has scheduled the final approval hearing for August 21, 2026. During this hearing, the judge will review the participation rates and make a final determination on whether the $3.3 million settlement is fair and adequate. If approved, distribution timelines for the cash checks and identity protection activation codes will be established shortly thereafter.
New cases and investigations, settlement deadlines, and news straight to your inbox.
