Deadline: April 27, 2026
Last updated: February 21, 2026

PharMerica Data Breach Settlement – File by April 27, 2026

If your personal or medical information was swept up in the 2023 PharMerica ransomware attack — courtesy of a cybercriminal gang that apparently named themselves "Money Message" — a $5.275 million class action settlement may entitle you to up to $10,000 in reimbursement, a pro rata cash payment, and free credit monitoring.

Deadline: April 27, 2026
File Your Claim Now →

At a glance

Applies to Nationwide
Main deadline April 27, 2026
Benefit Eligible class members can claim up to $10,000 for documented losses, a pro rata cash payment from the Net Settlement Fund, and one year of Kroll Complete Monitoring — which all class members receive automatically, no claim required (a rare freebie in the world of class action settlements).
Official site https://pmcsettlement.com/

What happened

Class period: On or around March 2023 (date of the ransomware attack and data exfiltration)

  • PharMerica is a nationwide pharmacy services provider serving patients in over 3,100 long-term care facilities, senior living communities, and other healthcare programs — essentially, they hold a lot of sensitive data for a lot of vulnerable people

  • In March 2023, a ransomware gang calling themselves "Money Message" (points for branding, zero points for ethics) breached PharMerica's computer network and exfiltrated a staggering 4.7 terabytes of data

  • On March 28, 2023, Money Message claimed responsibility and posted a sample of the stolen data on the dark web, just to really twist the knife

  • The exposed data included full names, addresses, dates of birth, Social Security numbers, and medical and health insurance information

  • A class action lawsuit, In Re: PharMerica Data Breach Litigation, Case No. 3:23-cv-00297-RGJ-CHL, was filed in the U.S. District Court for the Western District of Kentucky

  • PharMerica denies all liability and wrongdoing; the parties agreed to settle to avoid the cost and uncertainty of trial

What you can get

Cash Payment A – Documented Losses

Up to $10,000

Actual, documented, unreimbursed losses fairly traceable to the breach; supporting documentation required; losses must have been incurred on or after the applicable Data Incident date through April 27, 2026

Cash Payment B – Pro Rata Cash

Pro rata share of Net Settlement Fund

No documentation required; all valid claimants receive the same amount; final amount depends on number of claims filed

Credit Monitoring – Kroll Complete

1 year

Automatic for ALL class members — no claim required; includes 3-bureau monitoring, dark web scanning, payday loan monitoring, Social Security scan, fraud consultation, identity theft restoration, $1M identity theft insurance with no deductible, credit score reporting, and real-time inquiry alerts

Key dates

Action Date What it means
Submit / Claim April 27, 2026 Last day to submit
Opt out April 13, 2026 Keep your right to sue separately
Object April 13, 2026 Tell the court you disagree
Final hearing May 12, 2026 Judge decides whether to approve

Who may qualify

  • Are a living U.S. resident who received a notice of the PharMerica Data Incident
  • Were a patient of PharMerica or one of its healthcare partners whose personal or medical information was potentially exposed
  • Are not a PharMerica officer or director, a governmental entity, or a judge assigned to this case (you know the drill by now)

How to file

  1. Visit the official claim form at https://forms.ksacms.com/efiling/fr/eform/pharmerica_claimform/new?form-version=1&fr-wizard-page=section-1
  2. Select your benefit(s): Cash Payment A (Documented Losses), Cash Payment B (Pro Rata Cash), or both
  3. Submit your claim online by April 27, 2026, or mail a paper Claim Form postmarked no later than April 27, 2026
  4. Note: To receive payment via electronic or ACH transfer, you must file online — no paper workarounds for that one
  5. Remember: Credit Monitoring is automatic for all class members; you don't need to file a claim to receive it

Proof required

  • Cash Payment A – Documented Losses: Receipts, bank statements, or other third-party documentation of unreimbursed expenses tied to the breach; self-prepared documents (like handwritten notes) alone are not sufficient, but can support other submitted documentation
  • Cash Payment B – Pro Rata Cash: No proof required
  • Credit Monitoring: No claim or proof required — it's automatic

Payment timing

The Final Approval Hearing is scheduled for May 12, 2026, at 1:00 PM ET. Cash Payments and Credit Monitoring will be distributed after the Settlement receives Final Approval and the appeal window closes. Electronic and ACH payments are available for online filers; paper filers will receive checks. Patience is strongly encouraged — and apparently required.

Important links

Contact

Phone: (833) 754-6609
Mail: Settlement Administrator – 83343 c/o Kroll Settlement Administration LLC P.O. Box 225391 New York, NY 10150-5391

Extra details

  • This is one of the more generous documented loss caps we've seen — up to $10,000 per person, which is double the $5,000 offered in many similar settlements

  • All class members automatically receive one year of Kroll Complete Monitoring, no claim form required — so even if you do nothing, you're getting something (though you'll still give up your right to sue)

  • Cash Payment A for documented losses covers a wide range of expenses incurred on or after the applicable Data Incident date through April 27, 2026, including attorney fees, credit repair costs, credit freeze fees, unauthorized charges, and even postage and mileage — keep those receipts

  • If you change your address, it's your responsibility to update the Settlement Administrator — don't make them chase you for your own money

  • Watch for scams: the only authorized settlement website is pmcsettlement.com

Go to official website (deadline: April 27, 2026) Browse more articles

FAQ

Who qualifies for this settlement?
U.S. residents who received a notice of the PharMerica Data Incident, meaning their personal or medical information was potentially exposed in the March 2023 ransomware attack.
Do I have to file a claim to get anything?
Not for credit monitoring — all class members automatically receive one year of Kroll Complete Monitoring. However, you must file a claim to receive any cash payment.
What kinds of expenses can I claim under Cash Payment A?
Unreimbursed losses fairly traceable to the breach incurred on or after the applicable Data Incident date through April 27, 2026. This includes fraud or identity theft losses, attorney or credit repair fees, credit freeze costs, unauthorized charges, and even postage and mileage related to resolving the breach.
How much will the pro rata cash payment be?
It depends on how many valid claims are filed. The more people who file, the smaller the individual share — so filing sooner rather than later is a good idea.
Can I claim both Cash Payment A and Cash Payment B?
Yes. You may submit claims for both documented losses and the pro rata cash payment.
What happens if I do nothing at all?
You'll automatically receive the Credit Monitoring, but no cash payment — and you'll give up your right to sue PharMerica over the breach. So "doing nothing" is more consequential than it sounds.
How do I opt out?
Mail a signed written request to the Settlement Administrator, postmarked by April 13, 2026, including your full name, address, phone number, email, and a statement of your intent to be excluded from the Settlement Class.
Use the official website Always confirm details on the official site. If something feels off, stop and verify before sharing personal info.

Info only. Verify details on the official site. Not legal, financial, or tax advice. Legal

Share this:

X / Twitter Facebook