Linda Hulewat v. Medical Management Resource Group LLC, et al.

CourtDistrict Court, D. Arizona
DecidedJune 30, 2026
Docket2:24-cv-00377
StatusUnknown

This text of Linda Hulewat v. Medical Management Resource Group LLC, et al. (Linda Hulewat v. Medical Management Resource Group LLC, et al.) is published on Counsel Stack Legal Research, covering District Court, D. Arizona primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.

Bluebook
Linda Hulewat v. Medical Management Resource Group LLC, et al., (D. Ariz. 2026).

Opinion

1 WO 2 3 4 5 6 IN THE UNITED STATES DISTRICT COURT 7 FOR THE DISTRICT OF ARIZONA

9 Linda Hulewat, No. CV-24-00377-PHX-DJH

10 Plaintiff, ORDER

11 v.

12 Medical Management Resource Group LLC, et al., 13 Defendants. 14 15 On November 17, 2025, Plaintiffs Linda Hulewat, Karen Foti Williams, Ralph 16 Gallegos, Michael Martinez, Lynnae Anderson, Marie Therese Montoya, Charles Peterson, 17 Robert Kirk, Marilyn Zajacka, Lynda Israel, Latricia Pelt, Barry Pelt, Ken Waters, Robert 18 Ahrensdorf, and David Yeager (collectively, “Plaintiffs”) filed an Unopposed Motion for 19 Preliminary Approval of Class Action Settlement (Doc. 83). As the Motion is unopposed, 20 Defendants Medical Management Resource Group, LLC, Barnet Dulaney Perkins Eye 21 Center, PC, and Southwestern Eye Center, Ltd. (collectively, “Defendants”) did not file a 22 response. For the reasons stated below, the Court will grant Plaintiff’s Motion. 23 I. Background 24 This case arises from a cyberattack and resulting data breach (the “Data Breach”) 25 that occurred on or around November 14, 2023. (See generally Doc. 28). 26 Defendants generally provide eye care physician services to patients across the 27 country. (Id. at ¶ 2). In their practice, Defendants collect and store patients’ Personally 28 Identifiable Information (“PII”) and Private Health Information (“PHI”). Around 1 November 14, 2023, cybercriminals infiltrated Defendants’ computer systems and 2 absconded with patients’ PII and PHI. (Id. at ¶ 4). The impacted patients, including 3 Plaintiffs, were notified of the Data Breach on or about February 15, 2024. (See id. at ¶ 4 120). Plaintiffs allege that Defendants failed to protect their sensitive information, 5 resulting in the Breach. (Id. at ¶ 1). Consequently, multiple cases were brought regarding 6 the Data Breach, which were all ultimately consolidated into the present action. (See Doc. 7 16). 8 In the time since, several defendants were dismissed from the action for lack of 9 personal jurisdiction. (See Doc. 74). Defendants, likewise, sought dismissal of the action 10 based on a failure to state a claim. (See Doc. 52). However, during the pendency of 11 Defendants’ Motion to Dismiss, the parties scheduled and attended mediation with a highly 12 experienced mediator. (Doc. 83 at 12). Plaintiffs and Defendants were ultimately able to 13 reach a settlement with the assistance of the mediator. (Id.) 14 II. Proposed Settlement Agreement 15 The parties entered into a Class Action Settlement Agreement (the “Settlement 16 Agreement”) on November 17, 2025. The pertinent terms of the Agreement are as follows. 17 The “Settlement Class” is comprised of the Damages Settlement Class Members and the 18 Injunctive Relief Class. The Injunctive Relief Class is defined as: 19 [A]ll individuals whose personal information is collected or maintained by Defendant. Excluded from the Injunctive Relief Class are Defendant, their 20 representatives, any judicial officer presiding over the matter, and such 21 judicial officers immediate family members and staff. Plaintiffs Linda Hulewat; Karen Foti Williams; Ralph Gallegos; Michael Martinez; Lynnae 22 Anderson; Marie Therese Montoya; Charles Peterson; Robert Kirk; Marilyn 23 Zajacka; Lynda Israel; Latricia Pelt; Barry Pelt; Ken Waters; Robert Ahrensdorf; and David Yeager are Injunctive Relief Class Members. 24 (Doc. 83-1 at 8). Simultaneously, Damages Settlement Class Members include: 25 [T]he approximately 258,070 U.S. residents whose Social Security numbers 26 and other personal information were compromised in the Data Breach. Excluded from the Damages Class are the Defendant, their representatives, 27 any judicial officer presiding over the matter, and such judicial officers 28 immediate family members and staff. The Damages Settlement Class 1 Members are eligible to submit a claim under the Damages Class Benefits. Plaintiffs Karen Foti Williams, Michael Martinez, Robert Kirk, Lynda Israel, 2 Ken Waters, and David Yeager are Damages Settlement Class Members. 3 (Id. at 7). These two groups, in combination, make up the Settlement Class. (Id. at 12). 4 Those encompassed in the Damages Settlement Class, whose Social Security numbers 5 were compromised, will be entitled to receive monetary compensation. (See id.). At the 6 same time, the Injunctive Relief Class will all benefit from the various security measures 7 Defendants will implement. (See id. at 16–17). 8 A. Settlement Fund 9 Under the terms of the Agreement, Defendants will endow a non-reversionary 10 “Settlement Fund” in the amount of $1,750,000.00. (Id.) This Fund will be used to pay 11 for Notice and Settlement Administration Costs; all taxes owed by the Settlement Fund; 12 any Court-approved attorney fees, costs, and expenses; any Court-approved Service 13 Awards approved by the Court, and all valid Claims made by the Damages Settlement 14 Class. (Id. at 14). Damages Settlement Class Members will have the opportunity to submit 15 a Claim to receive either a Pro-Rata Cash Payment or be reimbursed for Out-of-Pocket 16 Expenses. A Pro-Rata Cash Payment will entitle a claimant to a pro rata settlement 17 payment, “which may increase or decrease the cash payment, subject to the Settlement 18 Fund cap.” (Id. at 51). Alternatively, a Claim for Out-of-Pocket Expenses can be 19 submitted for “documented out-of-pocket losses reasonably and fairly traceable to the Data 20 Breach.” (Id. at 15). Such Claims must be supported by documentation and attestation 21 and are subject to a $3,000.00 individual cap. (Id. at 16). A “Settlement Administrator” 22 shall be appointed to provide Class Members with notice, review claims, and distribute 23 funds to all valid claimants accordingly. (Id. at 28–32). The Agreement provides opt-out 24 and objection procedures for Damages Settlement Class Members. (Id. at 22–24). 25 B. Injunctive Relief 26 Aside from the Settlement Fund, the Agreement provides for various forms of 27 Injunctive Relief regarding Defendants’ cybersecurity as consideration to the Injunctive 28 Relief Class. (Id. at 16–17). As part of the Injunctive Relief, Defendants shall, amongst 1 other things, implement a Chief Information Officer role, retain an Information Security 2 Training Specialist, create a Cybersecurity Steering Committee, implement an enterprise- 3 wide cybersecurity training program, engage an independent third-party vendor to conduct 4 periodic penetration testing, and administer an improved disaster recovery solution. (Id. at 5 17–18). 6 C. Fees, Service Awards, and Releases 7 The Agreement allows for Class counsel to submit a motion for attorney fees and 8 expenses and for Plaintiffs to seek Service Awards of $2,500.00. (Id. at 21–22). Finally, 9 Damages Settlement Class Members release Defendants from all claims related to the Data 10 Breach and are enjoined from pursuing any such claims. (Id. at 24–25). At the same time, 11 Defendants release Plaintiffs, Damages Settlement Class Members, and Class Counsel of 12 all claims arising out of this Litigation. (Id. at 25). Injunctive Class Members release 13 Defendants from any and all claims for injunctive and/or declaratory relief as described in 14 the Agreement, but Injunctive Relief Class Members do not release or otherwise waive any 15 individual claims for monetary relief. (Id. at 25–26). 16 III. Legal Standard 17 While the Ninth Circuit has declared a strong judicial policy for settlement of class 18 actions, Class Plaintiffs v. City of Seattle, 955 F.2d 1268, 1276 (9th Cir. 1992), Federal 19 Rule of Procedure 23(e) still requires court approval of any class action settlement. Fed. 20 R. Civ. P. 23(e). “Approval under [Rule] 23(e) involves a two-step process in which the 21 Court first determines whether a proposed class action settlement deserves preliminary 22 approval and then, after notice is given to class members, whether final approval is 23 warranted.” Nat’l Rural Telecomms. Coop. v.

Free access — add to your briefcase to read the full text and ask questions with AI

Related

NCNB Texas National Bank v. Johnson
11 F.3d 1260 (Fifth Circuit, 1994)
Amchem Products, Inc. v. Windsor
521 U.S. 591 (Supreme Court, 1997)
Wal-Mart Stores, Inc. v. Dukes
131 S. Ct. 2541 (Supreme Court, 2011)
In Re Bluetooth Headset Products Liability
654 F.3d 935 (Ninth Circuit, 2011)
Ellis v. Costco Wholesale Corp.
657 F.3d 970 (Ninth Circuit, 2011)
Staton v. Boeing Co.
327 F.3d 938 (Ninth Circuit, 2003)
Ginger McCall v. Facebook, Inc.
696 F.3d 811 (Ninth Circuit, 2012)
Robert Radcliffe v. Experian Information Solutions
715 F.3d 1157 (Ninth Circuit, 2013)
Rodriguez v. West Publishing Corp.
563 F.3d 948 (Ninth Circuit, 2009)
In Re Tableware Antitrust Litigation
484 F. Supp. 2d 1078 (N.D. California, 2007)
Theodore H. Frank v. Netflix, Inc.
779 F.3d 934 (Ninth Circuit, 2015)
Denise Edwards v. the First American Corp
798 F.3d 1172 (Ninth Circuit, 2015)
Just Film, Inc. v. Sam Buono
847 F.3d 1108 (Ninth Circuit, 2017)
Sarah Murphy v. Sfbsc Management, LLC
944 F.3d 1035 (Ninth Circuit, 2019)
Hanlon v. Chrysler Corp.
150 F.3d 1011 (Ninth Circuit, 1998)
Wright v. Linkus Enterprises, Inc.
259 F.R.D. 468 (E.D. California, 2009)
Spann v. J.C. Penney Corp.
314 F.R.D. 312 (C.D. California, 2016)

Cite This Page — Counsel Stack

Bluebook (online)
Linda Hulewat v. Medical Management Resource Group LLC, et al., Counsel Stack Legal Research, https://law.counselstack.com/opinion/linda-hulewat-v-medical-management-resource-group-llc-et-al-azd-2026.