Court finalizes HSHS settlement – Illinois Times
Illinois Times, the capital city's weekly source of news, politics, arts, entertainment, culture
Illinois Times, the capital city's weekly source of news, politics, arts, entertainment, culture
Audio By Carbonatix
A $7.6 million court settlement stemming from a data breach that affected almost 869,000 Hospital Sisters Health System patients will result in average payments of $40 to $50 for 80,000 people.
That estimate – representing patients who responded by mail to become part of the class-action settlement – came from Nickolas Hagman of the Chicago law firm of Cafferty Clobes Meriwether & Sprengel. He was representing current and past HSHS patients in the lawsuit.
The settlement was finalized Dec. 10 in an order from Sangamon County Circuit Court Judge Adam Giganti.
“This is a great settlement for the entire class,” Hagman told Giganti during a Dec. 4 settlement hearing.
Hagman wouldn’t comment outside court and hasn’t responded to requests for comment since then from Illinois Times.
It’s unknown how many people requested, and are in line to receive, payments of up to $5,000 for documented out-of-pocket losses between Aug. 16, 2023, and Nov. 14, 2025, related to the data breach.
It was expected that the majority of people receiving money would get it through the “one-time, pro rata” cash payments Hagman discussed and that were available without documentation of any specific losses.
The final order approved $2,500 awards for each of the named plaintiffs in the case: Teresa Bierman, Charles Bierman, Steven Durbin, Brittany Capers, Michelle Reichart, Sandra McCoy, Kim Wade, Nick Avery, Charles Bouvard, Richard Kuhlman and Matthew Layton on behalf of his three minor children.
The data breach was caused by a targeted cyber attack on the nonprofit health system’s computer network “by an unauthorized third-party threat actor,” according to court documents. The culprit hasn’t been publicly identified.
HSHS discovered the attack in mid- to late August 2023. The breach temporarily disabled HSHS’ clinical, administrative and communications systems.
With about $2.8 billion in annual revenues, HSHS is based in rural Sangamon County near Riverton and operates hospitals in Illinois and Wisconsin. Its flagship institution, HSHS St. John’s, is in Springfield. Other hospitals in central Illinois include HSHS St. Francis in Litchfield and HSHS St. Mary’s in Decatur.
Several lawsuits against HSHS resulted from the data breach, and those cases were consolidated in the class-action lawsuit in January 2025.
Giganti denied an objection to the settlement that was filed by Springfield lawyer Matthew Cate, who represented a minor covered by the class. Cate said he wanted to see options set up for minors to be compensated in the future for potential damages that wouldn’t be incurred or discovered until they reached adulthood.
HSHS didn’t admit any wrongdoing or liability in the settlement. The system said through a spokesperson Jan. 13, “No evidence was found that any personal information or protected health information was misused in instances of fraud or identity theft as a result of this incident.”
The spokesperson added, “HSHS remains focused on providing the highest quality patient care.”
Attorney fees totaling $2.6 million, or 35% of the total settlement, were approved for lawyers representing the various plaintiffs. Giganti’s order said the attorney fees were “appropriate and reasonable.”
Hagman said the overall 11% response rate to the court-authorized mailing giving patients the option to submit a claim for settlement proceeds was an “outstanding result” compared with the national average response rate of 3% in similar cases.
Hagman noted that the costs for stamps and paper to mail information to more than 800,000 people cost $525,000.
People who received the mailing were offered two years of free services from CyEx Financial Shield, a comprehensive service that comes with credit monitoring and $1 million in financial fraud insurance.
And under terms of the settlement agreement, HSHS “must attest to the implementation of additional data security measures put in place since the data incident.”
Dean Olsen is a senior staff writer with Illinois Times. He can be reached at dolsen@illinoistimes.com, 217-679-7810 or http://www.x.DeanOlsenIT.
This article appears in January 15-21, 2026.
Illinois Times has provided readers with independent journalism for almost 50 years, from news and politics to arts and culture.
Your support will help cover the costs of editorial content published each week. Without local news organizations, we would be less informed about the issues that affect our community..
Click here to show your support for community journalism.
Got something to say?
Send a letter to the editor and we’ll publish your feedback in print!
Dean Olsen is a senior staff writer for Illinois Times. He can be reached at: dolsen@illinoistimes.com, 217-679-7810 or @DeanOlsenIT. More by Dean Olsen
Your email address will not be published. Required fields are marked *
Get Our Latest Articles and Coming Events in Your Inbox
source
This article was autogenerated from a news feed from CDO TIMES selected high quality news and research sources. There was no editorial review conducted beyond that by CDO TIMES staff. Need help with any of the topics in our articles? Schedule your free CDO TIMES Tech Navigator call today to stay ahead of the curve and gain insider advantages to propel your business!
Illinois Times, the capital city's weekly source of news, politics, arts, entertainment, culture
Audio By Carbonatix
A $7.6 million court settlement stemming from a data breach that affected almost 869,000 Hospital Sisters Health System patients will result in average payments of $40 to $50 for 80,000 people.
That estimate – representing patients who responded by mail to become part of the class-action settlement – came from Nickolas Hagman of the Chicago law firm of Cafferty Clobes Meriwether & Sprengel. He was representing current and past HSHS patients in the lawsuit.
The settlement was finalized Dec. 10 in an order from Sangamon County Circuit Court Judge Adam Giganti.
“This is a great settlement for the entire class,” Hagman told Giganti during a Dec. 4 settlement hearing.
Hagman wouldn’t comment outside court and hasn’t responded to requests for comment since then from Illinois Times.
It’s unknown how many people requested, and are in line to receive, payments of up to $5,000 for documented out-of-pocket losses between Aug. 16, 2023, and Nov. 14, 2025, related to the data breach.
It was expected that the majority of people receiving money would get it through the “one-time, pro rata” cash payments Hagman discussed and that were available without documentation of any specific losses.
The final order approved $2,500 awards for each of the named plaintiffs in the case: Teresa Bierman, Charles Bierman, Steven Durbin, Brittany Capers, Michelle Reichart, Sandra McCoy, Kim Wade, Nick Avery, Charles Bouvard, Richard Kuhlman and Matthew Layton on behalf of his three minor children.
The data breach was caused by a targeted cyber attack on the nonprofit health system’s computer network “by an unauthorized third-party threat actor,” according to court documents. The culprit hasn’t been publicly identified.
HSHS discovered the attack in mid- to late August 2023. The breach temporarily disabled HSHS’ clinical, administrative and communications systems.
With about $2.8 billion in annual revenues, HSHS is based in rural Sangamon County near Riverton and operates hospitals in Illinois and Wisconsin. Its flagship institution, HSHS St. John’s, is in Springfield. Other hospitals in central Illinois include HSHS St. Francis in Litchfield and HSHS St. Mary’s in Decatur.
Several lawsuits against HSHS resulted from the data breach, and those cases were consolidated in the class-action lawsuit in January 2025.
Giganti denied an objection to the settlement that was filed by Springfield lawyer Matthew Cate, who represented a minor covered by the class. Cate said he wanted to see options set up for minors to be compensated in the future for potential damages that wouldn’t be incurred or discovered until they reached adulthood.
HSHS didn’t admit any wrongdoing or liability in the settlement. The system said through a spokesperson Jan. 13, “No evidence was found that any personal information or protected health information was misused in instances of fraud or identity theft as a result of this incident.”
The spokesperson added, “HSHS remains focused on providing the highest quality patient care.”
Attorney fees totaling $2.6 million, or 35% of the total settlement, were approved for lawyers representing the various plaintiffs. Giganti’s order said the attorney fees were “appropriate and reasonable.”
Hagman said the overall 11% response rate to the court-authorized mailing giving patients the option to submit a claim for settlement proceeds was an “outstanding result” compared with the national average response rate of 3% in similar cases.
Hagman noted that the costs for stamps and paper to mail information to more than 800,000 people cost $525,000.
People who received the mailing were offered two years of free services from CyEx Financial Shield, a comprehensive service that comes with credit monitoring and $1 million in financial fraud insurance.
And under terms of the settlement agreement, HSHS “must attest to the implementation of additional data security measures put in place since the data incident.”
Dean Olsen is a senior staff writer with Illinois Times. He can be reached at dolsen@illinoistimes.com, 217-679-7810 or http://www.x.DeanOlsenIT.
This article appears in January 15-21, 2026.
Illinois Times has provided readers with independent journalism for almost 50 years, from news and politics to arts and culture.
Your support will help cover the costs of editorial content published each week. Without local news organizations, we would be less informed about the issues that affect our community..
Click here to show your support for community journalism.
Got something to say?
Send a letter to the editor and we’ll publish your feedback in print!
Dean Olsen is a senior staff writer for Illinois Times. He can be reached at: dolsen@illinoistimes.com, 217-679-7810 or @DeanOlsenIT. More by Dean Olsen
Your email address will not be published. Required fields are marked *
Get Our Latest Articles and Coming Events in Your Inbox
source
This article was autogenerated from a news feed from CDO TIMES selected high quality news and research sources. There was no editorial review conducted beyond that by CDO TIMES staff. Need help with any of the topics in our articles? Schedule your free CDO TIMES Tech Navigator call today to stay ahead of the curve and gain insider advantages to propel your business!
