Endue Settlement: $2,500 Cash, Free ID Monitoring

In February 2025, attackers gained unauthorized access to Endue Software’s systems and copied files containing personal information. The intrusion was detected shortly after, prompting an investigation that confirmed exposure of names, addresses, Social Security numbers, and health‑care identifiers. The affected population includes all U.S. residents whose data may have been compromised, as defined by the class action.

- Eligible claimants can receive up to $2,500 for verifiable out‑of‑pocket losses tied to fraud or identity theft stemming from the breach, with expenses documented between February 16, 2025 and June 30, 2026. - All class members may elect a flat $65 payment without providing receipts; this pool totals $260,000 and will be adjusted proportionally if claims exceed or fall short of the fund. - Every member receives two years of CyEx Medical Shield Complete, which provides medical identity theft monitoring and up to $1 million in insurance coverage for health‑care ID exposure, medical record numbers, and unauthorized health‑savings‑account spending.

The settlement fund also covers administration costs, attorneys’ fees (capped at $500,000), and service awards of $2,500 each to class representatives. Payments can be delivered via PayPal, Venmo, Zelle, virtual prepaid card, or physical check. The final approval hearing is set for July 15, 2026; after any appeals are resolved, the administrator will distribute benefits within 60 days.

Organizations should review access controls to limit privileged account use (MITRE ATT&CK T1078) and enforce multi‑factor authentication. Enable logging of file‑access events and monitor for anomalous data exfiltration patterns (T1041). Apply the latest security patches for operating systems and third‑party software, and conduct regular penetration testing to identify weaknesses before attackers do. Implement network segmentation to isolate sensitive databases and encrypt data at rest and in transit.