Watson Clinic settles data breach case with $10M payout to affected patients
Post Summary
Watson Clinic LLC has reached a $10 million settlement to address a data breach that exposed sensitive patient information on the dark web in 2024. The breach, which compromised data such as Social Security numbers, medical records, and pre- and post-operation images, has left affected patients eligible to file claims for compensation.
The settlement stems from a February 2024 incident in which an "unauthorized third-party" accessed sensitive personal and medical data. Information such as names, addresses, driver’s license numbers, and financial account details were also involved in the breach. As part of the agreement, Watson Clinic has denied any wrongdoing or liability but opted for settlement to avoid "the cost and risk of a trial and related appeals."
Who can file a claim?
Current and former patients of Watson Clinic whose data was accessed during the breach are eligible to file claims. Claims must be submitted or postmarked by Thursday, February 5, 2026. Those uncertain about their eligibility can contact Kroll Settlement Administration for clarification.
Patients who choose to participate in the settlement waive their right to sue Watson Clinic for claims related to the case.
Compensation structure
Claimants may receive payments ranging from $100 to $75,000 based on the type and sensitivity of the data exposed. Below is an overview of the compensation tiers:
- Full face and exposed sensitive areas (ESA): $75,000 per claim.
- Partial face and ESA: $40,000 per claim.
- No face and ESA: $10,000 per claim.
- Full face and partial clothing of sensitive areas: $10,000 per claim.
- Partial face and partial clothing of sensitive areas: $7,500 per claim.
- No face and partial clothing of sensitive areas: $5,000 per claim.
- Non-sensitive images: $100 per claim.
Claimants may also qualify for additional compensation, such as reimbursement for out-of-pocket losses up to $500 per individual, extraordinary losses up to $6,500, and a residual cash payment of $50 on a claims-made basis.
Deadlines and next steps
The deadline to submit a claim for compensation is February 5, 2026, while those who wish to opt out or object to the settlement must do so by January 6, 2026. The court is scheduled to hold a hearing on March 9, 2026, to determine whether to approve the settlement. If the agreement is approved, payments may still be delayed due to potential appeals or additional court processes.
Background and reasoning
The breach, discovered in February 2024, prompted the settlement agreement drafted on July 17, 2025. The decision to settle, according to the settlement website, was made to provide benefits to affected patients while avoiding the uncertainties of a trial.
Watson Clinic, which serves over one million outpatient visits annually across 19 locations, emphasized that it denies any liability related to the breach. However, the settlement aims to address the damage caused by the exposure of sensitive patient data on the dark web.
For more details, affected patients can visit the official settlement website or contact the administrator for assistance. The outcome of the March 2026 court hearing will determine the next steps in distributing payments.
