Onsite Mammography $2.53M Data Breach Settlement, Check If You Qualify for a Payment — Clarkson, et al. v. Onsite Mammography, LLC, Case No. 3:25-cv-11123-MGM

The Onsite Mammography settlement is a $2,525,000 class action case where eligible U.S. residents whose private information was impacted in the October 2024 data breach can receive up to $5,000 by filing a claim before August 11, 2026. The breach involved unauthorized access to a single employee’s email account and affected both personally identifiable information and protected health information. If you received a notice letter from Onsite Mammography or Onsite Women’s Health, your money may be waiting.

Onsite Mammography Data Breach Settlement — Key Facts

Field	Detail
Settlement Amount	$2,525,000
Claim Deadline	August 11, 2026
Opt-Out / Objection Deadline	July 13, 2026
Who Qualifies	U.S. residents who received written notice their private information may have been impacted by the October 2024 breach
Estimated Payout Per Person	Pro rata — varies by number of valid claims filed
Out-of-Pocket Reimbursement	Up to $5,000 with documentation
Credit & Medical Monitoring	3 years (CyEx Medical Shield Complete) + $1M identity theft insurance
Proof Required	Yes for out-of-pocket reimbursement; No for pro rata cash payment
Settlement Status	Preliminary approval granted April 13, 2026
Court & Case Number	U.S. District Court, D. Mass. — Case No. 3:25-cv-11123-MGM
Specific Law Alleged	Negligence; breach of implied contract; breach of fiduciary duty; invasion of privacy; unjust enrichment
Administrator	Eisner Advisory Group LLC — OnsiteSettlement.com — 1-855-389-9238
Official Claim Website	OnsiteSettlement.com
Final Approval Hearing	September 9, 2026, 12:00 PM ET, Springfield, MA
Last Updated	May 26, 2026

Where Does the Onsite Mammography Data Breach Settlement Stand Today?

• The $2,525,000 settlement received preliminary approval from the court on April 13, 2026.
• The claim filing deadline is August 11, 2026 — do not wait until the last minute.
• The Final Approval Hearing is scheduled for September 9, 2026 at 12:00 PM ET in the Hampden Courtroom of the Springfield Courthouse. Payments will not go out until after that hearing and any appeals are resolved.

Who Is Onsite Mammography and Why Are They Facing a Data Breach Settlement?

Onsite Mammography, based in Westfield, Massachusetts, provides medical imaging services to hospitals across the United States, including 3D mammography, automated Whole-Breast Ultrasound, and breast health risk assessment services. The company operates under the brand name Onsite Women’s Health. Because patients share some of their most sensitive health data — diagnoses, imaging results, insurance details — to receive these services, the company held an enormous responsibility to protect it. A phishing attack on a single employee’s inbox was enough to expose the private records of over 357,000 people.

What Did Onsite Mammography’s October 2024 Data Breach Expose?

On October 4, 2024, Onsite discovered unusual activity associated with one employee’s email account and immediately enlisted independent cybersecurity experts to investigate. The investigation confirmed that an unauthorized actor accessed the individual’s email account for a brief window of time and did not access any other systems within the network.

Onsite engaged a third-party data analytics firm to review the affected files, and that review concluded on February 21, 2025, finding that the compromised data included patients’ health information. The exposed data included names, Social Security numbers, dates of birth, driver’s license numbers, credit card numbers, and medical information such as mental and physical health conditions and received care information.

Onsite sent notices to all affected individuals on April 15, 2025. The cybersecurity incident compromised 357,265 individuals.

This type of breach is especially dangerous for healthcare patients. Medical records sell for far more than credit card data on criminal markets because they contain details that cannot be changed — your diagnosis, your treatment history, your insurance numbers. For context on how similar healthcare data breach settlements are structured, see our coverage of the Gryphon Healthcare $2.8M data breach settlement and the Alera Group $2M data breach settlement, both of which used the same documented-loss-plus-pro-rata structure as the Onsite case.

The lawsuit asserts claims including negligence, breach of implied contract, breach of fiduciary duty, invasion of privacy, unjust enrichment, and declaratory judgment. Onsite denies all wrongdoing but agreed to settle to avoid the cost and risk of trial.

If you are a current or former Onsite Mammography patient or received services through Onsite Women’s Health, this case may directly affect you.

Related article: FCA US $3.8M Wage and Hour Settlement, Check If You Are Owed Unpaid Overtime 68K Workers Get Automatic Pay — Featherstone, et al. v. FCA US, LLC, Case No. 2:23-cv-10362

Who Qualifies for the Onsite Mammography Data Breach Settlement?

Here is exactly how to know whether this settlement includes you.

You likely qualify if:

• You received a written notice letter from Onsite Mammography or Onsite Women’s Health stating your private information may have been impacted by the October 2024 breach
• You are a U.S. resident whose personally identifiable information (PII) or protected health information (PHI) was in the compromised email account
• You are a current or former patient who received mammography or imaging services through any clinic or medical facility associated with Onsite Women’s Health

You do NOT qualify if:

• You never received services through Onsite Mammography or any affiliated Onsite Women’s Health clinic
• You are a current officer, director, or affiliate of Onsite Mammography, LLC
• You are a judge presiding over this action or a member of their immediate family
• You previously settled or released claims against Onsite arising from this incident

Onsite Mammography Patients Outside Massachusetts — Are You Still Covered?

Yes. The Settlement Class consists of all individuals residing in the United States whose private information may have been impacted by the incident. Because this case is filed in federal court in the District of Massachusetts under nationwide class certification, it does not matter which state you live in. Patients from Texas, South Carolina, New Hampshire, Maine, and every other state are covered.

If you are unsure whether you qualify for the Onsite Mammography data breach settlement, a free consultation with a data privacy attorney can help you assess your situation before the August 11, 2026 deadline.

How Much Can Onsite Mammography Settlement Class Members Recover? Up to $5,000 Per Person

Onsite Mammography Settlement Payout With Documented Proof — Up to $5,000

Class members may be reimbursed for actual, documented, unreimbursed losses resulting from the incident, up to $5,000 per person, for costs incurred on or after October 2024.

Documented losses that qualify include:

• Costs to freeze or unfreeze your credit reports with any credit bureau
• Credit monitoring or identity protection services you paid for out of pocket
• Notary fees, postage, copying, fax, mileage, and long-distance calls related to addressing the breach
• Any other unreimbursed expenses directly tied to the breach

You must provide documentation such as receipts, bank statements, or invoices. A brief description of each expense is required if its connection to the breach is not obvious from the documents alone.

Onsite Mammography Settlement Pro Rata Cash Payment — No Documentation Required

In addition to, or instead of, selecting reimbursement for out-of-pocket losses, a settlement class member may elect to receive a pro rata cash payment. This flat payment requires no receipts or documentation. The exact amount depends on how many valid claims are filed — if more people file, each check is smaller. File early and file completely to protect your share.

Three Years of Credit and Medical Monitoring — No Cost to You

Class members may also elect to receive three years of Credit and Medical/Healthcare Data Monitoring and Insurance Services, equivalent to CyEx Medical Shield Complete, which includes three credit bureau monitoring services and $1 million in identity theft insurance. Class members can postpone activating this benefit for up to at least 12 months after the settlement becomes final.

Given that Social Security numbers, medical records, and financial data were all potentially exposed, this monitoring is worth activating even if your out-of-pocket losses were minimal.

Settlements over $600 may be reported to the IRS — check with a tax professional about whether your payment is taxable.

How to File Your Onsite Mammography Data Breach Settlement Claim — Step by Step

Claim Deadline: August 11, 2026

1. Visit OnsiteSettlement.com — the official claim website managed by Eisner Advisory Group LLC.
2. Locate your Settlement Claim ID — if you received a postcard notice by mail, your Claim ID is printed on the postcard. If you cannot find it, email [email protected] for assistance.
3. Select your benefit option — choose between reimbursement for out-of-pocket losses (up to $5,000 with documentation), pro rata cash payment (no documentation), or both if applicable.
4. Upload supporting documents if claiming losses — receipts, bank statements, invoices, or other evidence of out-of-pocket costs directly related to the breach.
5. Submit your claim form on or before August 11, 2026, either online or postmarked by that date if mailing.
6. Save your confirmation — note your submission ID or keep a screenshot. The administrator will contact you if additional information is needed.

Takes about 10–15 minutes to complete online.

You can also call the settlement administrator at 1-855-389-9238 or write to: Onsite Settlement Administrator, P.O. Box 3868, Baton Rouge, LA 70821.

Should Onsite Mammography Class Members Opt Out or Object Before July 13, 2026?

What Does Opting Out of the Onsite Mammography Settlement Mean for Your Rights?

If you opt out, you will not be entitled to receive any benefits from the settlement, but you will not be bound by any judgment in this case. Opting out preserves your right to file your own individual lawsuit against Onsite Mammography for the same claims. For most people, opting out makes sense only if you suffered substantial, documented damages that far exceed $5,000 and you have already spoken with a data privacy attorney about pursuing an individual claim. The opt-out deadline is July 13, 2026.

How to Object to the Onsite Mammography Settlement Terms Before July 13, 2026

Objecting means telling the court you believe the settlement is unfair while still remaining in the class. Objections must be filed with the Clerk of the Court at 300 State St., Suite 120, Springfield, MA 01105, on or before July 13, 2026, and must include your full name, mailing address, all grounds for the objection, and your signature. The court cannot order a different settlement — it can only approve or reject the current terms.

If you are considering opting out or objecting, speaking with a data privacy attorney before July 13, 2026 is strongly recommended.

Onsite Mammography Data Breach Settlement — Key Dates, 2026

Milestone	Date
Data breach occurs	October 4, 2024
Data review concludes (PHI confirmed exposed)	February 21, 2025
Breach notices mailed to affected individuals	April 15, 2025
Consolidated class action filed	Case No. 3:25-cv-11123-MGM
Parties reach settlement agreement	Early 2026
Preliminary approval granted	April 13, 2026
Claims period opens	May 2026
Opt-Out / Objection Deadline	July 13, 2026
Claim Filing Deadline	August 11, 2026
Final Approval Hearing	September 9, 2026, 12:00 PM ET
Expected Payment Date	TBD — after final approval and any appeals resolve

Onsite Mammography Data Breach Settlement — Frequently Asked Questions, No. 3:25-cv-11123-MGM

Is the Onsite Mammography data breach settlement legitimate?

 Yes. The U.S. District Court for the District of Massachusetts authorized the class notice and granted preliminary approval on April 13, 2026. The official administrator is Eisner Advisory Group LLC, reachable at OnsiteSettlement.com or 1-855-389-9238. Do not submit claims through any other website.

Do I need a lawyer to file an Onsite Mammography settlement claim?

 No. The claim form is straightforward and available at OnsiteSettlement.com. You do not need an attorney to file. If you are considering opting out or believe your losses exceed $5,000, consulting a data privacy attorney makes sense.

When will Onsite Mammography settlement payments be sent?

 The court will hold a Final Approval Hearing on September 9, 2026. Payments will be made after the court approves the settlement and after any possible appeals are resolved. That process can take additional months. Patience is required.

What happens if I missed the Onsite Mammography claim deadline? 

If you do not submit a claim by August 11, 2026, you will not receive a cash payment or credit monitoring from this settlement. If you do nothing and the settlement is granted final approval, you will not be able to start or continue a lawsuit against Onsite Mammography for the same claims ever again.

Can I claim both the out-of-pocket reimbursement and the pro rata cash payment?

 Yes. A settlement class member may elect to receive reimbursement for out-of-pocket losses and a pro rata cash payment. These are available in addition to, or as an alternative to, each other. You can stack both benefits on a single claim form.

Will my Onsite Mammography settlement check be reported to the IRS? 

Payments from data breach settlements may be taxable depending on the nature and amount of your compensation. The IRS may require reporting for payments over $600. Consult a tax professional if you are unsure how this affects your individual tax situation.

What data was exposed in the Onsite Mammography breach?

 The exposed data included names, Social Security numbers, dates of birth, driver’s license numbers, credit card numbers, and medical information such as mental and physical health conditions and received care information. Each affected individual received a personalized letter detailing which specific data elements were compromised in their case.

I never received a notice letter. Can I still file a claim? 

You must have received written notice from Onsite Mammography to be eligible. If you believe you were affected but did not receive a letter, call the settlement administrator at 1-855-389-9238 or email [email protected] to confirm your eligibility before August 11, 2026.

Sources Used in This Onsite Mammography Data Breach Settlement Article

• Official Settlement Notice — Exhibit B: Long Form Notice, Clarkson et al. v. Onsite Mammography LLC, Case No. 3:25-cv-11123-MGM, U.S. District Court, D. Mass., May 2026: https://www.onsitesettlement.com/wp-content/uploads/2026/05/Exhibit-B_Onsite_Long-Notice_V3.pdf
• Official Settlement Website — Eisner Advisory Group LLC, 2026: https://www.onsitesettlement.com

Prepared by the AllAboutLawyer.com Editorial Team and reviewed for factual accuracy against the official court-approved settlement notice, OnsiteSettlement.com, SecurityWeek, PRNewswire, and HIPAA Journal on May 26, 2026. Last Updated: May 26, 2026.

This article is for informational purposes only and does not constitute legal advice. For advice specific to your situation, consult a qualified attorney.