Geisinger Data Breach: Latest Updates, Who’s Affected, and How to Protect Your Data


Kevin Henry

Data Breaches

September 13, 2025


Overview of the Geisinger Data Breach

Geisinger detected on November 29, 2023 that a former employee of its IT vendor, Nuance Communications, accessed certain patient records two days after being terminated. At law enforcement’s request, Geisinger and Nuance delayed the data security incident notification until June 24, 2024, when patient letters and call-center details were issued. The individual was arrested and is facing federal charges. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))

Court filings and reporting identify the suspect as “Max Vance” (aka Andre J. Burk), who faces a federal charge of obtaining information from a protected computer; in June 2025 a judge allowed him to represent himself. This underscores how an insider threat—not ransomware—drove the incident. ([beckershospitalreview.com](https://www.beckershospitalreview.com/healthcare-information-technology/cybersecurity/geisinger-data-theft-suspect-to-represent-himself-in-court/?utm_source=openai))

Impacted Patient Information

According to Geisinger’s notice, the information involved varied by person and may have included the following identifiers and treatment-adjacent details:

  • Full name and date of birth
  • Postal address and phone number
  • Medical record number
  • Admit, discharge, or transfer (ADT) codes
  • Facility name abbreviation
  • Demographics such as race and gender

Geisinger reported that Social Security numbers, insurance claims details, and financial account information were not accessed in this incident—limiting direct financial fraud risks but still creating meaningful patient information exposure concerns. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))

Regulatory tallies indicate the breach impacted approximately 1,276,026 individuals, reflecting how large-scale exposures can occur even without external hacking. ([hipaajournal.com](https://www.hipaajournal.com/june-2024-healthcare-data-breach-report/?utm_source=openai))

Multiple lawsuits were consolidated in July 2024 as In re: Geisinger Health Data Security Incident Litigation in the U.S. District Court for the Middle District of Pennsylvania. The court appointed interim leadership, and the matter advanced toward settlement after mediation in 2025. ([docs.justia.com](https://docs.justia.com/cases/federal/district-courts/pennsylvania/pamdce/4%3A2024cv01071/142793/42?utm_source=openai))

Separately, federal authorities pursued criminal action against the former Nuance employee, while Geisinger satisfied HIPAA breach-notification duties and publicized the incident. The case spotlights healthcare data compliance obligations for covered entities and business associates—especially rapid access revocation at termination and vendor oversight. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))

Details of the Settlement Agreement

On November 18, 2025, the court granted preliminary approval of a proposed $5 million, non-reversionary settlement with Geisinger and Nuance. As of February 19, 2026, the opt-out and objection deadlines (February 17, 2026) have passed; the final approval hearing is set for March 16, 2026. The claims deadline is March 18, 2026. ([techtarget.com](https://www.techtarget.com/healthtechsecurity/news/366634778/Geisinger-Health-Nuance-reach-5M-settlement-over-data-breach?utm_source=openai))

What the class action settlement terms offer

  • Credit/medical monitoring and identity theft protection for one year (available to all participating class members). ([shublawyers.com](https://shublawyers.com/news/breaking-news/geisinger-nuance-data-breach-settlement-preliminary-approval/?utm_source=openai))
  • Reimbursement of documented, unreimbursed out-of-pocket losses up to $5,000 (e.g., costs tied to fraud mitigation, credit monitoring services you purchased, or bank fees). ([calhipaa.com](https://www.calhipaa.com/nuance-communications-and-geisinger-health-pay-5-million-to-resolve-data-breach-litigation/?utm_source=openai))
  • An alternative pro rata cash payment for those not claiming documented losses (amount depends on the number of valid claims). ([hipaajournal.com](https://www.hipaajournal.com/geisinger-former-business-associate-employee-1m-records/))

Settlement administration costs, service awards, and attorneys’ fees are deducted from the $5 million common fund. The settlement website confirms key dates and provides the official notice and claim process. ([hipaajournal.com](https://www.hipaajournal.com/geisinger-former-business-associate-employee-1m-records/?utm_source=openai))

Data Protection and Monitoring Recommendations

If you received a notice, consider these practical steps to reduce risk and strengthen your privacy going forward:

  • Enroll in the offered credit monitoring services and identity theft protection; enable alerts and review reports monthly.
  • Place a free fraud alert or credit freeze with the major bureaus to block new-account abuse.
  • Review your insurer’s explanation-of-benefits (EOB) statements and MyChart/patient portal activity; dispute any unfamiliar services.
  • Update passwords for healthcare and financial accounts; enable multi-factor authentication (MFA) everywhere possible.
  • Watch for phishing attempts referencing the breach; never share one-time passcodes over the phone or text.
  • If you detect misuse, promptly file an identity theft report, notify your providers/insurers, and document all out-of-pocket expenses in case reimbursement is available.

Timeline of Events

  • November 29, 2023 — Geisinger detects improper access to patient data by a recently terminated Nuance employee and alerts Nuance; law enforcement engaged. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))
  • June 24, 2024 — Public data security incident notification begins; Geisinger confirms the categories of data involved. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))
  • July 2024 — Civil cases consolidated as In re: Geisinger Health Data Security Incident Litigation (M.D. Pa.). ([docs.justia.com](https://docs.justia.com/cases/federal/district-courts/pennsylvania/pamdce/4%3A2024cv01071/142793/42?utm_source=openai))
  • June 30, 2025 — Parties mediate and reach agreement in principle. ([shublawyers.com](https://shublawyers.com/news/breaking-news/geisinger-nuance-data-breach-settlement-preliminary-approval/?utm_source=openai))
  • November 18, 2025 — Court grants preliminary approval of $5 million settlement; class size cited at approximately 1.3 million. ([techtarget.com](https://www.techtarget.com/healthtechsecurity/news/366634778/Geisinger-Health-Nuance-reach-5M-settlement-over-data-breach?utm_source=openai))
  • February 17, 2026 — Deadline to opt out or object (now passed). ([geisingerdatasettlement.com](https://www.geisingerdatasettlement.com/?utm_source=openai))
  • March 16, 2026 — Final approval hearing scheduled. ([geisingerdatasettlement.com](https://www.geisingerdatasettlement.com/?utm_source=openai))
  • March 18, 2026 — Claims deadline for benefits under the settlement. ([geisingerdatasettlement.com](https://www.geisingerdatasettlement.com/?utm_source=openai))

Roles of Involved Parties

  • Geisinger (covered entity): Detected the activity, notified Nuance and law enforcement, issued the public notice, and is a defendant in the civil litigation and proposed settlement. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))
  • Nuance Communications (business associate): The ex-employee’s former employer; revoked access, led portions of the notification process, and is a settling defendant. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))
  • Former Nuance employee: Arrested and facing federal data breach charges related to obtaining information from a protected computer. ([beckershospitalreview.com](https://www.beckershospitalreview.com/healthcare-information-technology/cybersecurity/geisinger-data-theft-suspect-to-represent-himself-in-court/?utm_source=openai))
  • Law enforcement: Requested delayed notification during the investigation. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))
  • Federal court (M.D. Pa.): Consolidated the actions, oversaw mediation and preliminary approval, and will decide final approval. ([shublawyers.com](https://shublawyers.com/news/breaking-news/geisinger-nuance-data-breach-settlement-preliminary-approval/?utm_source=openai))
  • Settlement administrator: Court‑authorized administrator managing claims and notices, including deadlines and benefit fulfillment. ([geisingerdatasettlement.com](https://www.geisingerdatasettlement.com/?utm_source=openai))

Summary

In short, the Geisinger Data Breach stemmed from insider misuse at a vendor, exposed non-financial patient data for over a million people, and prompted consolidated litigation now poised for final approval. If you received a notice, you can still submit a claim for reimbursement or credit monitoring by March 18, 2026. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))

FAQs

What personal information was compromised in the Geisinger data breach?

Per Geisinger, the exposure may include your name, date of birth, address, phone number, medical record number, ADT codes, facility abbreviation, and certain demographic details (race, gender). The notice states Social Security numbers, insurance claims data, and financial account numbers were not accessed. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))

How did law enforcement handle the breach notification?

Investigators asked Geisinger and Nuance to delay notifying patients so the federal investigation would not be impeded. Public notifications began June 24, 2024, after the requested delay. ([geisinger.org](https://www.geisinger.org/about-geisinger/news-and-media/news-releases/2024/06/24/18/17/geisinger-provides-notice-of-nuances-data-security-incident))

What compensation is available to affected individuals?

Under the proposed class action settlement, eligible individuals may choose one year of credit/medical monitoring and identity theft protection, submit documented out-of-pocket losses up to $5,000, or elect a pro rata cash payment. The court set March 16, 2026 for the final approval hearing and March 18, 2026 as the claims deadline. ([shublawyers.com](https://shublawyers.com/news/breaking-news/geisinger-nuance-data-breach-settlement-preliminary-approval/?utm_source=openai))

How can patients protect their data following the breach?

Enroll in the offered monitoring, set fraud alerts or credit freezes, enable MFA on healthcare and financial accounts, scrutinize EOBs and portal activity, and keep records of any remediation costs. Report suspected identity misuse promptly and notify your providers and insurers so questionable claims can be flagged and investigated.
