HCIactive Data Breach: Is There a Settlement? (July 2026 Status)
Straight answer: no — there is no HCIactive settlement, no claims process, and no payout fund as of July 2026. The July 2025 breach at Healthcare Interactive exposed Social Security numbers and medical records of 3,056,950 people, law firms are investigating, and this page tracks what actually exists — and what to do in the meantime.
Last reviewed: April 2026
Editorially Reviewed — Content reviewed for accuracy using published legal research, government data, and verified court records. See our methodology
Reviewed by Leonard Goldberg, Editor · Last updated
What the Lawsuit Alleges
Between roughly July 8 and 12, 2025 (some state filings trace access back to June 17), an unauthorized actor breached the network of Healthcare Interactive, Inc. (HCIactive) — a Maryland benefits-administration vendor that processes health-plan enrollment and claims data for insurers nationwide. The intrusion was discovered July 22, 2025. Because HCIactive sits upstream of many health plans, the confirmed victim count reached 3,056,950 people — the fifth-largest U.S. healthcare breach of 2025. Exposed data included names, addresses, dates of birth, Social Security numbers, health-plan member IDs, diagnoses, prescriptions, lab results, and insurance claims data. Multiple law firms (Murphy Law Firm, Edelson Lechtzin, Abington Cole + Ellery, among others) opened investigations; HHS OCR is reviewing potential HIPAA violations.
Case Details
No confirmed filed case, no court, no docket number as of July 2026 — law-firm investigations are ongoing and HHS OCR is reviewing the incident. HCIactive's official breach page: hciactive.com/security · company response line: 1-833-855-4330.
Current Status
Who Is Affected & Can You Join?
Nothing to file yet. If a settlement emerges, the class would almost certainly cover people who received an HCIactive/Healthcare Interactive notification letter (mailed from December 2025 onward). Keep that letter — it is your proof of class membership for any future claims process, and it contains your Cyberscout enrollment code.
Is There a Payout?
Case Timeline
- 1
June–July 2025 — The Breach
An unauthorized actor accesses HCIactive's network (state filings cite access as early as June 17; core exfiltration July 8–12). Discovered July 22, 2025.
- 2
September 2025 — Initial HHS Report
HCIactive files with HHS OCR using a 501-person placeholder figure — standard practice while forensics continue. Early law-firm investigations begin.
- 3
December 2–3, 2025 — Notification Letters
Letters begin mailing with 12 months of complimentary Cyberscout credit monitoring. Maine AG filing initially reports 87,565 affected.
- 4
January 7, 2026 — The Real Number
Oregon AG filing reveals the revised total: 3,056,950 people — the 5th-largest U.S. healthcare breach of 2025.
- 5
Early 2026 — Investigations Widen
Multiple firms (Murphy, Edelson Lechtzin, Abington Cole + Ellery, EKSM) recruit affected individuals; HHS OCR review continues. No confirmed filed case surfaces in public dockets.
- 6
July 2026 — Status: No Settlement
Search interest spikes as notification recipients look for a claims process that does not exist yet. This page tracks the litigation; we update it when a case or settlement is confirmed.
Scam & Misinformation Warnings
Whenever a brand lawsuit goes viral, scam sites and bad actors follow. Watch for these red flags:
Fake 'HCIactive settlement' claim sites
There is NO settlement website because there is no settlement. Any site with a claim form for HCIactive money is harvesting the very data (SSNs, insurance IDs) the breach exposed. When a real settlement comes, the administrator will be named in court documents — and on this page.
Phishing that piggybacks on the real letters
Because genuine notification letters went out, scammers send follow-up emails and texts 'from HCIactive' asking you to verify your SSN or bank details 'to receive compensation.' The real company never asks for that; its only offer is the Cyberscout enrollment code printed in your letter.
'Guaranteed payout' case-review funnels
Some lead-generation sites imply a fund exists and promise specific dollar amounts to get your contact details. Legitimate law-firm investigations exist — but nobody can guarantee a payout from litigation that hasn't produced a settlement.
Frequently Asked Questions
Is there an HCIactive settlement?
No. As of July 2026 there is no settlement, no claims process, no administrator, and no fund. Law firms are investigating and HHS OCR is reviewing the breach, but no confirmed class action has produced a payout. We update this page when that changes — bookmark it rather than trusting sites that claim otherwise.
What happened in the HCIactive breach?
Between June/July 8–12, 2025, attackers accessed the network of Healthcare Interactive (HCIactive), a benefits-administration vendor, and exfiltrated files affecting 3,056,950 people: names, dates of birth, Social Security numbers, health-plan details, diagnoses, prescriptions, lab results, and claims data. It ranks as the 5th-largest U.S. healthcare breach of 2025.
I got a notification letter. What should I do right now?
Three things: (1) enroll in the free 12-month Cyberscout credit monitoring using the code in your letter — it does not waive any legal rights; (2) place a free credit freeze with Equifax, Experian, and TransUnion — with SSNs exposed, this is the single most effective protection; (3) keep the letter itself as proof of class membership for any future settlement.
Will there be a settlement eventually?
Nobody can promise it, but breaches of this size and sensitivity (3M+ people, SSNs plus medical records, a HIPAA business associate) have historically ended in class settlements — comparable healthcare-vendor breaches settled for eight-figure funds. The typical path: cases get filed and consolidated, then settle in 1–3 years. The December 2025 letters only started that clock.
Can I join a lawsuit now?
Several firms are actively investigating and signing up affected individuals (Murphy Law Firm, Edelson Lechtzin, Abington Cole + Ellery, among others). Joining an investigation costs nothing — these are contingency cases. Whether to sign with a firm now or wait for a class settlement is a personal choice; class members are typically covered automatically once a settlement exists.
Was my medical information exposed?
If you received a letter: quite possibly yes. The exfiltrated files included diagnoses, prescriptions, lab results, imaging records, and insurance claims data alongside SSNs — one of the more sensitive data combinations a breach can expose, which is why HHS OCR is involved and why litigation interest is high.
Why does HCIactive have my data when I've never heard of them?
HCIactive is a business-to-business vendor — it runs enrollment and benefits administration for health plans and employers. Your insurer or employer's benefits platform used their systems, so your data flowed through them without you ever interacting with the brand. That's also why the breach reached 3 million people across many different health plans.