Settlement Information
This lawsuit concerns a ransomware attack experienced by Mt. Baker Imaging, LLC and Northwest Radiologists, Inc., P.S. (collectively, “Defendants”) on or about January 20, 2025 through on or about January 25, 2025, in which cybercriminals accessed and exfiltrated confidential personally identifiable information (“PII”) and protected health information (“PHI”) (collectively, “Private Information”) belonging to Plaintiffs and approximately 340,184 Class Members (the “Data Security Incident”).
Plaintiffs allege that Defendants’ failure to implement and maintain necessary data security safeguards caused damages to Plaintiffs and Class Members. Defendants deny any wrongdoing and deny that they have any liability, but have agreed to settle the lawsuit on a classwide basis to avoid the uncertainty, risk, and expense of continued litigation.
A $3,300,000 non-reversionary Settlement Fund has been established to provide benefits to Settlement Class Members, including reimbursement for documented Out-of-Pocket Losses (up to $5,000), a Pro Rata Cash Fund Payment, and two (2) years of Medical Shield Complete medical identity-theft protection and monitoring through CyEx. The Honorable Evan Jones of the Superior Court of Washington for Whatcom County granted preliminary approval of the Settlement on April 21, 2026. EAG Gulf Coast, LLC has been appointed as the Settlement Administrator.
Please read the Long Form Notice carefully. Your legal rights will be affected, and you have a choice to make at this time.
Who Is a Class Member?
The Court has defined the Settlement Class as: “All living persons residing in the United States whose Private Information was potentially or actually compromised in the Data Security Incident.”
Specifically excluded from the Settlement Class are all persons who are directors or officers of Defendants, the Judge assigned to the Action, and that Judge’s immediate family and Court staff.
Your Legal Rights and Options
Option and Deadline |
Your Legal Rights |
Submit a Claim Formby August 19, 2026 |
The only way to receive Settlement Benefits, including reimbursement for Out-of-Pocket Losses, a Pro Rata Cash Fund Payment, and Medical Identity-Theft Protection and Monitoring, is to submit a Valid Claim, postmarked or submitted online by August 19, 2026. |
Opt Out of the SettlementPostmarked by July 20, 2026 |
Get no Settlement Benefits. Keep your right to file your own lawsuit against Defendant about the legal claims in this lawsuit (see Question 17). |
Object to the SettlementPostmarked by July 20, 2026 |
Stay in the Settlement, but tell the Court why you do not agree with the Settlement. You will still be bound by the Settlement if the Court approves it (see Question 20). |
Attend the Final Approval Hearingon August 21, 2026 at 1:30 p.m. PT |
If you do not opt out of the Settlement, you may ask to speak to the Court at the Final Approval Hearing about the fairness of the Settlement, with or without your own attorney (see Question 22). |
Do NothingNo deadline |
Receive no Settlement Benefits. You give up rights, including your right to start or continue a lawsuit against Defendants and other Released Parties relating to the Data Security Incident (see Question 25). |
Dates and Deadlines
Claims Deadline
August 19, 2026
Exclusion Deadline
July 20, 2026
Objection Deadline
July 20, 2026
Final Approval Hearing
August 21, 2026