Absolute Dental Settles Class Action Data Breach Lawsuit for $3.3M

A class action lawsuit filed against Absolute Dental Group, LLC, and Judge Consulting, Inc., over a 2025 data breach has been settled for $3,300,000. Absolute Dental is a Nevada-based dental care provider, and Judge Consulting is a provider of technology consulting, staffing solutions, and corporate training services. Absolute Dental contracted with Judge Consulting as its managed services provider and was responsible for the daily management and operations of Absolute Dental's IT systems. Absolute Dental identified suspicious activity within its network on February 26, 2025, and the forensic investigation confirmed that an unauthorized third party accessed its network between February 19, 2025, and March 5, 2025. Access was gained through an account associated with Judge Consulting. The hackers had access to names, contact information, Social Security numbers, driver's license numbers, health information, health insurance information, financial information, and other sensitive data. The data breach was one of the largest of the year, affecting 1,223,635 individuals. Several class action lawsuits were filed in response to the data breach, which were consolidated into a single complaint – Jordan et al. v. Absolute Dental Group, LLC, et al., – in the U.S. District Court for the District of Nevada. The lawsuit alleged that the defendants failed to adequately secure patient data, failed to properly monitor their systems for intrusions, and failed to provide timely notice to the victims of the breach. The lawsuit asserted claims for negligence, negligence per se, breach of contract, breach of implied contract, unjust enrichment, breach of fiduciary, breach of confidence, invasion of privacy, violations of the Nevada Privacy of Information Collected on the Internet From Consumers Act, and declaratory and injunctive relief. Following mediation, the plaintiffs and the defendants agreed to a settlement that was acceptable to all parties, with no admission of wrongdoing, fault, or liability by the defendants. A $3,300,000 settlement fund will be established to cover attorneys' fees and expenses, settlement administration and notification costs, and service awards for the five class representatives. The remainder of the settlement fund will be used to pay for benefits for the class members. Class members may choose to submit a claim for reimbursement of documented, unreimbursed losses due to the data breach up to a maximum of $5,000 per class member, or they may claim an alternative pro rata cash payment, the value of which will depend on the number of valid claims received. Residents of California at the time of the data breach also qualify for an additional cash payment. The deadline for objection to and exclusion from the settlement is June 9, 2026. Claims must be submitted by June 18, 2026, and the final approval hearing has been scheduled for July 30, 2026.

(Source：The Hipaa Journal)