Charleston Area Medical Center $1M Settlement for 2024 Email Phishing Data Breach
The Charleston Area Medical Center $1M Settlement for 2024 Email Phishing Data Breach settlement offers $1M in total, with individual payouts of $6.08K to eligible claimants who received a mailed notice from charleston area medical center (camc) in february 2025. The deadline to file is June 10, 2026. Proof of purchase is required.
Deadline: June 10, 2026
Total amount allocated for all claims
Estimated amount per eligible claim
Online claims require the ILYM ID and passcode provided in the notice. Claims for documented monetary losses must include supporting documentation such as receipts, invoices, bank or credit card statements showing unreimbursed fraud or related expenses. Attested time claims require a description of activities and hours spent (up to four hours at $20/hour). Claims may be filed online or by mailing a completed PDF claim form to the settlement administrator; deadline: June 10, 2026.
Settlement Summary
In October 2024 an email phishing attack on Charleston Area Medical Center (CAMC) allegedly exposed personal, medical and financial data for more than 67,000 people; a class action claimed CAMC failed to adequately safeguard that information and the parties agreed to a $1 million settlement. Under the deal, class members who received notice may claim up to $6,080 (combining documented out‑of‑pocket losses and up to four hours’ time) or receive a pro rata cash share, plus four years of identity‑theft monitoring — while CAMC denies liability it settled to avoid the expense and uncertainty of continued litigation. The suit’s significance lies in the direct financial relief for victims and the message it sends about the exposure risk and legal costs hospitals face after phishing incidents. The CAMC settlement fits a broader pattern of healthcare cyberclaims and regulatory scrutiny: high-profile incidents at other health systems have produced large civil settlements and OCR enforcement actions, and class actions increasingly follow patient‑data breaches. Healthcare entities operate under HIPAA and state breach‑notification laws that require safeguards, timely notices, and risk mitigation; failures to implement basic controls like multi‑factor authentication, email filtering and staff training frequently underlie phishing‑related compromises. For patients and providers alike, the case underscores the persistent threat of social‑engineering attacks, the value of identity monitoring for affected individuals, and the continuing legal and compliance pressures on the healthcare sector.
Entities Involved
Related Topics
Eligibility Requirements
- Received a mailed notice from Charleston Area Medical Center (CAMC) in February 2025
- Personal, medical, or financial information was potentially exposed in the October 2024 breach
- Current or former CAMC patients and other individuals included in the class
- Did not timely exclude yourself from the class (exclusion deadline May 26, 2026)
- File a valid claim by the June 10, 2026 deadline
Featured Investigations
Stay Updated
Subscribe to our newsletter for the latest settlement updates and news.
Important Notice About Filing Claims
Submitting false information in a settlement claim is considered perjury and will result in your claim being rejected. Fraudulent claims harm legitimate class members and may result in legal consequences.
If you are unsure about your eligibility for this settlement, please visit the official settlement administrator’s website using the link provided above. Review the eligibility criteria carefully before submitting a claim.
Class Action Champion is an independent information resource and is not affiliated with any settlement administrator, law firm, or court. We provide settlement information as a service to help connect eligible class members with legitimate settlements.