Geisinger Data Breach Settlement: $5M Payout for 1M+ Patient Records Exposed by Insider

A $5 million settlement has been reached in the Geisinger data breach lawsuit, pending final judicial approval. The case stems from a security incident where a former IT employee improperly accessed and potentially exfiltrated the personal and protected health information of over one million patients. The breach, which involved an insider threat exploiting system access, compromised sensitive patient data. The proposed settlement fund is intended to provide compensation to affected individuals and cover claims related to the breach. The incident highlights significant vulnerabilities in internal access controls and data monitoring within healthcare IT systems. If approved, the settlement will resolve the class-action litigation alleging failures by Geisinger to adequately protect patient information and to prevent unauthorized access by personnel. The breach underscores the ongoing risks of insider threats in the healthcare sector, where vast amounts of sensitive data are held.