SAG-AFTRA Health Plan Data Breach Settlement, Check If You Qualify for Up to $5,000 Deadline is July 23

The SAG-AFTRA Health Plan data breach settlement is a $950,000 class action agreement where eligible health plan members whose personal data was exposed in a September 2024 phishing attack can receive up to $5,000 in reimbursements plus 18 months of free medical identity monitoring by filing a claim before July 23, 2026. The lawsuit accused SAG-AFTRA Health Plan of failing to protect sensitive member data — including Social Security numbers and health insurance records — from an unauthorized third party who accessed a plan employee’s email account. The settlement is pending final court approval.

Quick Facts: SAG-AFTRA Health Plan Settlement

Field	Detail
Settlement Amount	$950,000
Claim Deadline	July 23, 2026
Who Qualifies	Living persons mailed a breach notification indicating their private information may have been impacted by the September 17–18, 2024 data incident
Payout Per Person	Up to $5,000 for documented out-of-pocket losses; pro rata cash share for all valid claimants; 18 months CyEx medical identity monitoring (automatic, no claim required)
Proof Required	Yes — documentation required for out-of-pocket loss claims up to $5,000; no proof required for pro rata cash share or credit monitoring
Settlement Status	Preliminarily Approved — pending final court approval on September 24, 2026
Administrator	Kroll Settlement Administration LLC
Official Website	saghpsettlement.com
Last Updated	April 25, 2026

Current Status & What Happens Next

• The $950,000 settlement has received preliminary court approval and is currently in the claims period. The Final Approval Hearing is scheduled for September 24, 2026, at 10:00 a.m. PT in the U.S. District Court for the Central District of California.
• The deadline to opt out of the settlement or file an objection is June 23, 2026. If you opt out, you preserve your right to sue SAG-AFTRA Health Plan independently but receive no settlement benefit.
• Settlement payments will be distributed only after the court grants final approval and all appeals, if any, are resolved. Expected payment date is TBD — pending final court approval on September 24, 2026.

What Is the SAG-AFTRA Health Plan Lawsuit About? In re SAG Health Data Breach Litigation, No. 2:24-cv-10503-MEMF-JPR

On September 17 and 18, 2024, an unauthorized third party gained access to a SAG-AFTRA Health Plan employee’s email account through a phishing attack. That two-day window was enough to expose the personally identifiable information (PII) and protected health information of 35,592 health plan members. The compromised data included names, Social Security numbers, health plan participant identification numbers, and in some cases detailed claims and health insurance records.

SAG-AFTRA Health Plan notified affected members in December 2024 — more than two months after the incident. The class action filed in the U.S. District Court for the Central District of California accused the plan of negligence, invasion of privacy, and unjust enrichment. Plaintiffs alleged the plan failed to implement basic cybersecurity safeguards, failed to employ adequate protections against email phishing — one of the most well-documented attack vectors in the healthcare industry — and failed to notify members in a timely manner. If you want to understand how courts evaluate data breach compensation claims like this one, our overview of [consumer data privacy class action lawsuits at AllAboutLawyer.com] has more context.

SAG-AFTRA Health Plan denies any wrongdoing. The $950,000 settlement does not represent an admission of liability by the defendant. Still, the case highlights a pattern that data privacy attorneys have tracked closely: health plan administrators holding sensitive medical data are increasingly targeted in phishing attacks, and when they fall short on security, their members pay the price.

Who Qualifies for the SAG-AFTRA Health Plan Data Breach Settlement?

To understand if this settlement covers you, the eligibility rule is simple — and it comes directly from the official settlement administrator at saghpsettlement.com.

You may qualify if:

• You are a living person who received a mailed breach notification from SAG-AFTRA Health Plan indicating your private information may have been affected by the data incident that occurred between September 17 and September 18, 2024
• You were an active or former SAG-AFTRA Health Plan member whose information passed through the compromised employee email account during that window
• Your notification was mailed to a U.S. address — California residents qualify for a double pro rata share of any remaining settlement funds (two shares vs. one share for other states)
• You are submitting your claim on or before July 23, 2026

You do NOT qualify if:

• You did not receive a mailed breach notification from SAG-AFTRA Health Plan
• You are a minor who received a Minor Defense activation code — you still automatically receive CyEx Minor Defense monitoring, but the eligibility rules for cash claims are the same
• You are an officer or director of SAG-AFTRA Health Plan, or a judge assigned to this matter
• You previously opted out of this settlement class

One thing many people miss: even if you have no documented losses from this breach, you still qualify for the pro rata cash payment and the free 18-month CyEx Medical Shield Complete monitoring — but you must submit a claim form to get the cash. The monitoring activates automatically using the code on your notice letter. If you were affected and are uncertain whether you qualify, a free legal consultation with a consumer rights attorney costs you nothing and can clarify your options.

How Much Can You Get from the SAG-AFTRA Health Plan Settlement?

The settlement offers three distinct tiers of benefits. Here is exactly how each one works.

Tier 1 — Out-of-Pocket Loss Reimbursement (Up to $5,000) If you can document real financial harm that resulted from this breach — such as unauthorized charges, costs to freeze your credit, fees paid for identity theft services, or time spent resolving fraud — you can claim reimbursement of up to $5,000. You must provide actual documentation. Undocumented claims in this tier will not be paid. This is the most valuable benefit but requires the most effort to claim properly.

Tier 2 — Pro Rata Cash Payment (Amount TBD) Every class member who submits a valid claim — whether or not they have documented losses — receives a pro rata share of whatever settlement funds remain after attorneys’ fees, administrative costs, and Tier 1 payments are deducted. California residents who were mailed their notice at a California address receive two shares; all other claimants receive one share. The exact dollar amount per share is TBD — it depends on how many valid claims are filed. Fewer claims mean a larger pro rata payout per person. This is the legal settlement payout most class members will actually receive.

Tier 3 — 18 Months of CyEx Medical Shield Complete (Automatic) Every class member automatically receives 18 months of CyEx Medical Shield Complete — a medical identity monitoring and protection service — at no cost. You do not need to file a claim form to get this. Your activation code arrived in the breach notice letter SAG-AFTRA Health Plan mailed you. To enroll, visit app.medicalshield.cyex.com/enrollment/activate/SAGAFTRA or call CyEx at 1-866-622-9303. If you are a minor and received a Minor Defense code, use app.minordefense.com/enrollment/activate/SAGAFTRAMD instead.

Step-by-Step: How to File Your SAG-AFTRA Health Plan Claim Form

1. Visit the official claim portal at saghpsettlement.com and click “Submit Claim.” This is the only authorized claim site — do not file through any other website.
2. Enter your personal information, including your name and the mailing address where you received your breach notification. Have your notification letter nearby — it contains your activation code and may help verify your identity.
3. Select your payout tier. Choose whether you are filing for documented out-of-pocket losses (Tier 1, up to $5,000) or just the pro rata cash payment (Tier 2). You can request both simultaneously.
4. Upload your documentation if claiming out-of-pocket losses. Acceptable documents include bank statements, credit card statements, receipts for identity protection services, or written records of time spent resolving fraud. Undocumented loss claims will not be reimbursed.
5. Submit your claim form online. Alternatively, download the paper claim form from the Documents section of the settlement website, complete it, and mail it to: Claims Administrator – 83302+++ c/o Kroll Settlement Administration LLC, P.O. Box 225391, New York, NY 10150-5391.
6. Save your confirmation. After submitting online, save or screenshot your confirmation number. For mailed claims, keep a copy of everything and send via certified mail so you have proof of postmark.

Estimated time to complete: 10–15 minutes online; 20–30 minutes if gathering and uploading loss documentation.

Important Deadlines & Dates

Milestone	Date
Data Breach Occurred	September 17–18, 2024
Member Notifications Mailed	December 2024
Lawsuit Filed	Late 2024 (U.S. District Court, C.D. California)
Settlement Preliminarily Approved	TBD — preliminary approval granted; exact order date not published on administrator site
Claims Period Opens	Open now
Opt-Out Deadline	June 23, 2026
Objection Deadline	June 23, 2026
Claim Filing Deadline	July 23, 2026
Final Approval Hearing	September 24, 2026, at 10:00 a.m. PT
Expected Payment Date	TBD — pending final court approval and resolution of any appeals after September 24, 2026

Frequently Asked Questions About the SAG-AFTRA Health Plan Settlement

Do I need a lawyer to file a claim? 

No. The online claim form at saghpsettlement.com is straightforward and takes about 10 to 15 minutes to complete. You do not need a class action lawsuit attorney to file. However, if you believe your losses from this breach significantly exceed $5,000 — for example, if you experienced prolonged identity theft — speaking with a consumer rights lawyer about your individual options is worth the time.

Is this settlement legitimate? 

Yes. In re SAG Health Data Breach Litigation, Case No. 2:24-cv-10503-MEMF-JPR, is a real case pending in the U.S. District Court for the Central District of California. The settlement administrator is Kroll Settlement Administration LLC, one of the most established claims administrators in the country. The settlement website at saghpsettlement.com is court-authorized.

When will I receive my payment? 

Payments will not go out until after the Final Approval Hearing on September 24, 2026, and only if no appeals delay the process. Settlement distributions in cases like this typically take several months after final approval. Expect payment no earlier than late 2026. The exact date is TBD — pending resolution of any post-approval appeals.

What if I missed the claim deadline? 

The claim deadline is July 23, 2026. If you miss it, you will not receive any cash payment from this settlement. You will, however, remain bound by the settlement’s release of claims against SAG-AFTRA Health Plan, meaning you cannot sue the plan separately over this breach. If you are close to the deadline, file immediately — even a basic pro rata claim takes only minutes.

Will this settlement payment affect my taxes?

 Potentially. Payments for out-of-pocket losses you already deducted on a tax return may be taxable. Pure compensatory payments for personal physical injury or illness are generally not taxable, but settlement payments in data breach cases occupy a gray area. Consult a tax professional before filing your taxes after receiving payment — the settlement administrator cannot give you tax advice.

My data included health insurance records. Does that make me eligible for a higher payout? 

Not automatically. The settlement does not create a separate tier for members whose health information was exposed versus those whose SSNs alone were compromised. All class members are eligible for the same Tier 1 and Tier 2 benefits. What matters for Tier 1 is whether you can document real financial harm — not which category of data was stolen. The CyEx Medical Shield Complete monitoring is provided to all members specifically because health and medical identity information was at risk.

How do I activate my CyEx Medical Shield monitoring? 

Find the activation code on the breach notification letter SAG-AFTRA Health Plan mailed you. Go to app.medicalshield.cyex.com/enrollment/activate/SAGAFTRA and enter your code, or call CyEx at 1-866-622-9303. For minors using Minor Defense, go to app.minordefense.com/enrollment/activate/SAGAFTRAMD. You do not need to file a claim form to activate monitoring — it is automatic for all class members.

Sources & References

• Official Settlement Website (Kroll Settlement Administration): saghpsettlement.com
• Court Docket: In re SAG Health Data Breach Litigation, Case No. 2:24-cv-10503-MEMF-JPR — U.S. District Court for the Central District of California — available at pacer.gov

Prepared by the AllAboutLawyer.com Editorial Team and reviewed for factual accuracy against the official Kroll Settlement Administration website (saghpsettlement.com) and court records on April 25, 2026. Last Updated: April 25, 2026

Disclaimer: This article is for informational purposes only and does not constitute legal advice. Legal claims and outcomes depend on specific facts and applicable law. For advice regarding a particular situation, consult a qualified attorney.