Endue Software Settlement Offers Up to $2,500 Cash and Free Medical Identity Monitoring

TL;DR: Eligible U.S. residents can receive up to $2,500 for documented out-of-pocket losses or a flat $65 payment, plus two years of free medical identity theft monitoring with up to $1,000,000 in coverage, from the Endue Software class action settlement.

Context In February 2025, Endue Software disclosed a targeted cyberattack that accessed files containing private information of its users. The incident prompted a class action lawsuit alleging the company failed to adequately safeguard the data. Endue denied wrongdoing but agreed to settle to avoid prolonged litigation. The settlement covers all living individuals in the United States whose information may have been exposed in that breach.

Key Facts Claimants who can document fraud- or identity-theft-related expenses incurred between February 16, 2025 and June 30, 2026 may receive up to $2,500 per person. Those who prefer not to provide documentation can elect a flat $65 payment; the total pool for these payments is $260,000, with amounts adjusted pro rata if claims exceed or fall short of the fund. Every class member automatically receives two years of CyEx Medical Shield Complete, which includes medical identity theft monitoring and up to $1,000,000 in insurance coverage for health-care ID exposure, medical record number exposure, and unauthorized health-savings-account spending. Claims must be filed online or by mail no later than June 30, 2026; payments and monitoring codes will be issued within 60 days after the court grants final approval, scheduled for July 15, 2026.

What It Means For affected consumers, the settlement provides a tangible way to recover costs tied to identity theft while offering ongoing protection against medical fraud. For security teams, the case underscores the importance of vendor risk management, timely detection of unauthorized access, and robust incident-response plans. Defenders should review third-party access controls, enforce multi-factor authentication, encrypt sensitive data at rest and in transit, and maintain logging that aligns with MITRE ATT&CK techniques such as T1078 (Valid Accounts) and T1059 (Command-and-Control Scripting). Regularly testing breach-response playbooks and updating patch management policies can reduce the likelihood of similar incidents. Watch for the final approval hearing on July 15, 2026 and the subsequent distribution of payments and monitoring benefits.