Completed Data Breach Investigations

Below you will find a list of data breach investigations that are no longer active on ClassAction.org. This does not mean, however, that those affected by the breaches are without recourse. It just means that attorneys working with ClassAction.org have completed their investigations into the data breaches listed below.

There are two main reasons why a case may get added to this page. These are:

A lawsuit has been filed (or is being prepared), and attorneys no longer need to speak with those who received notice of the breach.
Attorneys working with ClassAction.org have decided not to move forward with filing a lawsuit over the breach.
There may be other lawyers, however, who are investigating the incident and looking to take legal action. If you received a notice in a now-archived matter, you may want to contact a local attorney to learn more about your options. Keep in mind that there are time limits for filing all lawsuits.
ClassAction.org Newsletter

Stay Current

Sign Up For
Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

We respect your privacy and promise not to share your information with any third parties. You may opt-out at any time.
Case Updates:
Follow the latest developments in ongoing class action lawsuits.
Consumer Information:
Know your rights as a consumer, and when they're being broken.
News:
Read about the newest class action lawsuits and learn how you can take part.
Opinions:
Legal and business professionals offer you their take on the news that matters.
Sort By:

Looking for the most recent data breach lawsuits & investigations? You can find them here.

Ohio Lottery

May 2024

The Ohio Lottery has reported that a December 2023 data breach exposed the personal information of more than half a million individuals.

Panda Restaurant Group has reported that former and current associates' personal information may have been exposed in a March 2024 data breach.

Octapharma Plasma has reportedly been the victim of a ransomware attack that may have compromised consumers' sensitive data, including personal and medical information belonging to donors and employees.

J.P. Morgan

April 2024

J.P. Morgan recently disclosed a data breach that may have compromised Social Security numbers and financial information belonging to over 450,000 people.

Nearly 2 million people are reportedly impacted by a data breach at third-party debt collection agency Financial Business and Consumer Solutions, Inc. (FBCS).

WebTPA Employer Services, which provides third-party administrative services to insurance companies, employers and health systems, is notifying individuals of a data breach in which personal information contained on its network was potentially exposed.

Current and former patients of Valley Mountain Regional Center in California may have had their personal and medical data exposed in a July 2023 data breach.

A June 2023 data breach recently announced by Green Diamond Resource Company may have compromised consumers' personal, financial and medical information.

Blackstone Valley Community Health Care, which provides medical services in Rhode Island, is notifying individuals of a data breach that affected more than 34,000.

SysInformation Healthcare Services, a revenue cycle management and billing services company, recently reported a data breach that may have exposed consumers' personal and medical information.

Kisco Senior Living experienced a data breach in June 2023 and is now notifying individuals whose personal information may have been compromised.

More than 514,000 individuals were reportedly affected by a data breach that targeted HUB International between December 2022 and January 2023.

The Roman Catholic Diocese of Phoenix has reported a data breach that affected participants in Diocese-sponsored employee benefits programs.

Cherry Health, a healthcare provider in Grand Rapids, Michigan, is notifying patients and former employees of a data breach that may have impacted their personal and health information.

Alan Ritchey, Inc.

April 2024

Logistics company Alan Ritchey recently reported a February 2024 data breach that may have exposed consumers' Social Security numbers and other personal information.

Greylock McKinnon Associates recently reported a data breach affecting over 300,000 individuals whose information was provided to the U.S. Department of Justice.

Group Health Cooperative of South Central Wisconsin has reported a data breach that may have impacted the protected health information of more than 533,000 individuals.

Pennsylvania's York County School of Technology revealed that 30,914 individuals may have had their personal and health information compromised in a data breach that took place last year.

More than 300,000 individuals, both patients and staff, are affected by a data breach at Otolaryngology Associates.

On Q Financial, LLC

March 2024

On Q Financial recently reported that over 211,000 clients may have had their names and Social Security numbers exposed in a data breach.

City of Hope

April 2024

City of Hope, a cancer treatment and research organization, has announced a data breach affecting 827,149 individuals that exposed personal, medical and financial information.

SouthState Bank

February 2024

SouthState Bank is notifying consumers that their personal information may have been exposed during a cybersecurity incident discovered in early February 2024.

Emergency Medical Services Authority has reported to the Department of Health and Human Services that more than 600,000 patients may have had their personal information exposed in a data breach.

Orsini Pharmaceutical Services is notifying individuals that their personal and medical information may have been exposed in a January 2024 data breach.

GardaWorld Cash

March 2024

GardaWorld Cash is notifying individuals of a data security incident that may have exposed their personal information in November 2023.

Select Education Group (which includes Institute of Technology, National Holistic Institute, Bauman College, Fremont University and Arch USA) is sending notice of a data breach affecting over 67,000 individuals.

Weirton Medical Center is notifying current and former patients of a data breach that may have compromised their personal information earlier this year.

Valley Oaks Health

March 2024

Valley Oaks Health is providing notice of a data breach that reportedly exposed more than 50,000 individuals' personal information in June 2023.

Aveanna Healthcare

March 2024

Aveanna Healthcare, a provider of home and hospice care, is notifying patients and employees of a data breach that took place last year and exposed certain personal and medical information.

Teleflora

March 2024

Flower delivery service Teleflora is sending letters to individuals affected by a November 2023 data breach that exposed the private information of more than 12,000.

Precision Tune Auto Care has reported a data breach that impacted more than 15,000 people and exposed sensitive personal information, including Social Security numbers.

More than 150,000 individuals have been impacted by a data breach at financial and global information services company Gerson Lehrman Group.

CCM Health

March 2024

CCM Health reported an April 2023 data breach that may have exposed the personal information of more than 29,000 individuals.

Century Federal Credit Union is notifying individuals that their personal information may have been exposed when an unauthorized party accessed an employee email account in August and September 2023.

Eastern Radiologists recently reported that over 886,000 patients' personal and medical information may have been compromised in a November 2023 data breach.

Northeast Orthopedics and Sports Medicine, PLLC is notifying patients of a data breach that occurred in November 2023 and may have exposed sensitive personal and medical information.

Yakima Valley Radiology, PC confirmed a data security incident that compromised the personal and health information of 235,249 individuals.

Greensboro College

February 2024

Over 52,000 individuals may have had their personal information exposed during a data breach that targeted Greensboro College in August 2023.

More than 515,000 people are reportedly affected by a data breach impacting Aspen Dental and WellNow Urgent Care.

Alliance Solutions Group, which does business as TalentLaunch, reported that workers' personal information may have been exposed in a May 2023 data breach.

Cencora, Inc.

February 2024

Cencora has reported to the SEC a data breach in which personal information was stolen from its systems.

Unite Here

February 2024

UNITE HERE suffered a data breach that exposed the personal information of more than 790,000 individuals, specifically members and staff of certain unions, health funds and the San Diego UNITE HERE Pension Fund.

medQ, Inc.

February 2024

Approximately 54,353 people may have had their sensitive medical information exposed in a data breach affecting medQ, which provides imaging workflow software to practices across the country.

EdisonLearning

February 2024

EdisonLearning has reported that individuals’ names and Social Security numbers may have been compromised in a March 2023 data breach.

Virginia Farm Bureau

February 2024

Virginia Farm Bureau is notifying customers and employees that their personal information may have been exposed in an October 2022 data breach.

American Vision Partners

February 2024

More than 2.3 million patients are affected by a data breach at Medical Management Resource Group (MMRG), which does business as American Vision Partners and provides administrative support to ophthalmology practices.

Golden Corral is notifying individuals of a data breach in which an unauthorized actor gained access to the company's computer systems and viewed and/or acquired the personal information of more than 180,000.

AGC America, Inc.

February 2024

AGC America, Inc. reported that over 20,000 individuals may have had their personal information exposed during a data breach in December 2023.

Circuit board manufacturer MFLEX has reported that individuals' personal, medical and financial information may have been compromised in a month-long data breach.

Sage Home Loans (formerly Lenox Financial Mortgage Corporation) reported a December 2023 data breach that may have exposed the personal information of more than 27,000 individuals.

Coleman Health Services

February 2024

Coleman Health Services has reported that consumers' personal information may have been exposed when an unauthorized user gained access to employee email accounts in the fall of 2023.

Bayer Heritage Federal Credit Union has revealed that an unauthorized party gained access to company files in a breach affecting more than 60,000 individuals.

National Advisors Trust

February 2024

National Advisors Trust is notifying consumers about a data security incident that may have compromised their private information in April 2023.

Concentra Health Services reported that nearly 4 million patients' sensitive information may have been exposed in a data breach affecting medical transcription services provider Perry Johnson & Associates.

Knight Barry Title, Inc. reported in January 2024 that a data breach exposed consumers’ private information, including their Social Security numbers.

Washington National reported that over 20,000 people may have had their personal information exposed in a "SIM swapping" attack that allowed an unauthorized party to access a senior officer's cellular account.

A "SIM swapping" attack targeting Bankers Life has exposed the personal information of more than 45,000 individuals.

Kansas Joint & Spine Specialists has reported a data breach that may have impacted nearly 84,000 current and former patients.

Ardent Health Services

January 2024

Ardent Health Services has begun notifying patients of a November 2023 ransomware attack that may have exposed their personal and medical information.

Des Moines Orthopaedic Surgeons reported that nearly 307,900 individuals may have had their personal and medical information exposed in a February 2023 data breach.

Jason's Deli

January 2024

More than 344,000 Jason's Deli customers may have had their personal information exposed in a December 2023 security incident involving credential stuffing.

loanDepot, Inc

January 2024

Non-bank mortgage lender loanDepot, Inc. suffered a data breach in January 2024 that exposed the sensitive personal information of approximately 16.6 million individuals.

Horne, LLP

December 2023

Horne, LLP, which provides business advisory and consulting services, suffered a data breach in December 2021 and is now notifying as many as 170,000 affected individuals.

Ashford

January 2024

Ashford announced a data breach that may have exposed the names and Social Security numbers of more than 46,900 individuals in September 2023.

Air Methods, LLC

January 2024

Medical helicopter company Air Methods announced that patient information may have been exposed when a laptop was stolen from a billing office in November 2023.

Oak View Group

January 2024

Current and former employees of LA-based Oak View Group are receiving notice that their personal information may have been exposed in a data breach.

Carnegie Mellon University reported in January 2024 that an unauthorized party accessed thousands of individuals’ personal information during a data breach last year.

Cooper Aerobics

January 2024

Cooper Aerobics Enterprises, Inc., which runs a fitness center, clinic, and medical imaging firm, is notifying individuals about a data security incident in which an unauthorized party may have accessed servers containing sensitive personal and health-related information.

Nautic Partners LLC

January 2024

Private equity firm Nautic Partners has announced a data breach that affects more than 7,800 individuals and reportedly exposed Social Security numbers.

Mississippi healthcare system Singing River has reported an August 2023 ransomware incident that may have exposed patients' personal and medical information.

ConsensioHealth, LLC

January 2024

ConsensioHealth, a medical management services organization that supports independent physician practices, is notifying thousands of patients after a data breach exposed personal and health information.

More than 10,000 individuals are reportedly affected by a cyberattack involving Fincantieri Marine Group that took place in April 2023.

Both employees and consumers are affected by an Academy Mortgage Corporation data breach that potentially exposed names and Social Security numbers.

UKG Inc.

January 2024

UKG, which provides payroll and workforce management solutions, is reporting that the personal information of New York City Health + Hospitals employees may have been exposed inadvertently.

Electrostim Medical Services, Inc. (EMSI) has reported a data breach affecting more than 500,000 individuals that compromised personal and medical information.

Panasonic Avionics Corporation, which provides in-flight entertainment and communication systems, has reported a cybersecurity incident that exposed information of an undisclosed number of individuals.

HealthEC

December 2023

HealthEC, LLC, a technology company that provides a platform used by healthcare organizations for care coordination, analytics and more, has announced a data breach that reportedly affects nearly 4.5 million patients of the company's clients.

Transformative Healthcare is notifying consumers that their personal information may have been exposed in a 2023 data breach that targeted its former subsidiary, Fallon Ambulance Service.

Retina Group of Washington has reported that nearly 456,000 individuals may have had their personal and medical information exposed in a March 2023 data breach.

LoanCare, LLC

December 2023

LoanCare has reported a data breach affecting over 1.3 million consumers whose information was maintained by the company through its relationship with their mortgage loan servicer.

Recology Inc.

December 2023

California waste management company Recology Inc. is notifying employees that their information may have been exposed in a November 2023 data breach.

Kimco Staffing Services announced a June 2023 data breach that may have exposed over 69,000 employees' names and Social Security numbers.

ESO Solutions, Inc.

December 2023

ESO Solutions, a software provider for hospitals and healthcare systems, announced a data breach that may have exposed 2.7 million patients' personal and medical information.

Comcast is notifying Xfinity customers of a massive data breach that occurred in October 2023 and potentially exposed the personal information of over 35 million individuals.

Mercy Medical Center

December 2023

Mercy Medical Center in Cedar Rapids, Iowa announced that it was one of the victims of a massive data breach affecting medical transcription services provider Perry Johnson & Associates.

Keenan & Associates

December 2023

A data breach reported by Keenan & Associates may have exposed employees' personal and health information for nearly a week in August 2023.

Regional Family Medicine

December 2023

Regional Family Medicine in Mountain Home, Arkansas has reported a data breach that may have exposed the personal information of over 80,000 patients and employees in June 2023.

Southern Illinois Healthcare's Harrisburg Medical Center reported that nearly 148,000 individuals may have had their personal and medical information exposed in a December 2022 data breach.

Financial Risk Mitigation has reported a data breach that exposed nearly 10,800 individuals' personal information in September 2023.

Red Roof Inn

December 2023

Red Roof recently announced that a September 2023 data breach exposed the private information of more than 27,000 individuals.

Americold Logistics LLC

December 2023

Americold Logistics reported an April 2023 data breach that may have exposed sensitive personal information belonging to its employees and their dependents.

Norton Healthcare

December 2023

Approximately 2.5 million patients, employees and their dependents had their personal information exposed in a May ransomware attack affecting the Kentucky-based healthcare system.

Henry Schein, Inc.

November 2023

Henry Schein has begun notifying its employees, customers and suppliers that their sensitive information may have been exposed in an October 2023 data breach.

Cardiovascular Consultants reported that thousands of patients, policy holders and guarantors had their sensitive information exposed in a data breach earlier this year.

Advantis Global

December 2023

Around December 5, 2023, Advantis Global began sending out notice of a data breach that reportedly impacted over 5,000 individuals.

Pan-American Life Insurance Group announced that consumers' personal information was exposed in May 2023 during a data breach that targeted the MOVEit file transfer software.

East River Medical Imaging reported that thousands of its patients and employees had their sensitive information exposed in a September 2023 data breach.

United Regional Health Care System in Wichita Falls, Texas announced a data breach that may have exposed nearly 37,000 individuals' personal and medical information.

Japanese electronics company Alps Alpine reported that its North American subsidiary was affected by a data breach that exposed employees' personal information.

Zeroed-In Technologies, a data analytics firm, reported an August 2023 data breach affecting nearly 2 million individuals, including applicants and current and former employees of its clients.

Nonprofit organization Big Brothers Big Sisters of America reported a March 2023 data breach that may have exposed thousands of consumers' personal, financial and medical information.

Mission Community Hospital in California's San Fernando Valley is notifying patients of a data security incident that may have exposed their personal and medical information.

NSC Technologies

November 2023

NSC Technologies is notifying employees and applicants that their personal information was exposed in a data breach it experienced in June 2023.

Clear Spring Life and Annuity Company has reported that personal information belonging to those associated with its annuity contracts and life insurance policies may have been exposed in a February 2023 ransomware attack.

Welltok, Inc.

October 2023

More than 8 million people may have had personal - and, in some cases, medical and health information - exposed in a data breach involving MOVEit and announced by Welltok.

Pahl & McCay

November 2023

In November 2023, Pahl & McCay announced that consumers’ names, addresses and Social Security numbers were exposed in a security data incident.

AutoZone

November 2023

AutoZone reported in November 2023 that almost 185,000 customers had their personal information exposed in the massive MOVEit data breach.

Medical College of Wisconsin reported that patients' personal and medical information was exposed during the massive MOVEit data breach in May 2023.

Warren General Hospital

November 2023

In November 2023, Warren General Hospital reported a data breach that affected thousands of patients and employees.

U.S. Drug Mart, Inc.

November 2023

Midlothian, Texas pharmacy U.S. Drug Mart reported that it experienced a data breach that may have compromised consumers' personal and medical information.

Okta

November 2023

Current and former Okta employees, as well as their dependents, may have had their personal information exposed in a September 2023 data security incident.

Rusnak Auto Group

November 2023

Rusnak Auto Group announced a data breach that may have exposed consumers' names and Social Security numbers between June 13 and June 16, 2023.

Tri Counties Bank

October 2023

Tri Counties Bank reported that in February 2023, an unauthorized party may have gained access to personal information belonging to customers and employees, among others.

Stanley Steemer

November 2023

In November 2023, Stanley Steemer reported a hacking incident that has exposed the private information of thousands of individuals.

MESVision and Gerber Life Insurance Company are sending notices to nearly 27,000 individuals whose personal and health insurance information may have been exposed in a 2023 data breach affecting a widely used file transfer system known as MOVEIt.

Synergy Healthcare Services reported that a data breach may have exposed personal and health information of patients and others affiliated with certain long-term care providers.

MESVision

November 2023

Medical Eye Services (which does business as MESVision) announced a May 2023 data breach that may have compromised the personal information of its vision insurance plan participants.

Northwell Health

November 2023

Northwell Health has confirmed that it its patients' personal and medical information was exposed in a data breach affecting third-party vendor Perry Johnson & Associates, Inc.

The International Association of Sheet Metal, Air, Rail and Transportation Workers (SMART) reported that private data belonging to over 62,000 individuals was exposed in a data breach discovered in early September.

Financial Asset Management Systems is reporting a late March 2023 security incident that allowed certain information stored on its network to be obtained by an unauthorized party.

Kyocera AVX

October 2023

Kyocera AVX reported that over 39,000 individuals may have had their full names, Social Security numbers and other information exposed in a data breach it experienced between February 16 and March 30, 2023.

Hawkins Delafield & Wood LLP has reported a data security incident that may have exposed names and Social Security numbers.

Pacific Union College

November 2023

Pacific Union College reported that over 56,000 individuals' personal and financial information was compromised in a data breach that occurred between March 5 and 19, 2023.

CRC Insurance Services reported that in January 2023, an unauthorized party may have gained access to personal and health information belonging to consumers associated with its insurance carrier and agency partners.

Deer Oaks is notifying consumers that their protected health information may have been accessed without authorization during a security incident discovered in early September.

Greater Rochester Independent Practice Association, a vendor for health providers and insurance plans, reported that over 279,000 individuals' information was exposed as part of the MOVEit data breach.

Georgia Northside Ear, Nose, and Throat began notifying patients in September 2023 that their personal and medical information was exposed in a data breach discovered in August of this year.

Cook County Health

September 2023

Cook County Health has confirmed that up to 1.2 million patients had their protected health information exposed during a data breach that affected one of the Illinois healthcare network's vendors.

Hilb reported in November 2023 that it experienced a data breach affecting over 81,000 individuals when an unauthorized party gained access to several employee email accounts.

Postmeds, Inc.

October 2023

Postmeds (which does business as TruePill) has reported that individuals' names and prescription information were revealed during a data breach that occurred between August 30 and September 1, 2023.

Pro Mach Inc.

October 2023

ProMach announced a data breach in October 2023 that may have compromised the personal and health information of current and former employees and potentially their beneficiaries and dependents.

Peerstar LLC

October 2023

Peerstar LLC announced a data breach during which an unauthorized third party may have accessed the personal and health information of more than 11,000 patients between February 22 and March 3, 2023.

Atlas Healthcare

October 2023

Atlas Healthcare announced that personal information belonging to over 10,000 residents of three of its Connecticut assisted living facilities was exposed in a data breach in January 2023.

Around October 27, 2023, Drug Free Workplaces began sending out notice of a data breach that reportedly impacted 37,705 individuals.

Ben E. Keith Company

October 2023

Ben E. Keith Company reported in October 2023 that consumers’ names and Social Security numbers were exposed in a data breach it experienced earlier this year.

Progressive Leasing

October 2023

Progressive Leasing reported in late October that thousands of its customers and employees had their information exposed in a September 2023 data breach.

Sunflower Bank

July 2023

Sunflower Bank began notifying customers in September 2023 that their personal information was exposed in a data breach that targeted MOVEit.

PHH Mortgage Corporation

September 2023

Pension Benefit Information is notifying PHH Mortgage customers that their personal information may have been exposed in a massive data breach that targeted MOVEit in late May 2023.

Pension Benefit Information is notifying Athene policyholders of a data breach that may have compromised their personal information in late May 2023.

MassMutual Ascend

July 2023

Pension Benefit Information reported in July 2023 that the massive MOVEit data breach exposed information belonging to customers affiliated with MassMutual Ascend and its subsidiaries.

Pension Benefit Information is notifying Nassau Life and Annuity customers that their personal information may have been exposed in the massive MOVEit data breach that occurred in late May 2023.

Pension Benefit Information reported in August 2023 that the massive MOVEit data breach impacted consumers affiliated with Consolidated Edison Company of New York (ConEd).

Taylored employees, as well as those working for related entities, may have had their personal information exposed in a data incident.

Radius Global Solutions

September 2023

Radius reported in September 2023 that consumer information obtained through the company's collection efforts on behalf of its clients was exposed in the massive MOVEit data breach.

BHI Energy

October 2023

BHI Energy is notifying more than 90,000 individuals that their personal information may have been compromised after a hacker gained access to the company's network.

Jaco Oil Company

September 2023

Jaco Oil Company reported on September 1, 2023 that files containing private data belonging to consumers had been copied from its computer network by an unauthorized individual.

Around August 29, 2023, Cornwell Quality Tools began sending out notice of a data breach that reportedly impacted 11,884 individuals.

Pension Benefit Information is sending data breach letters to insureds and prospective insureds of Standard Insurance Company whose personal information was compromised in a data breach.

In September 2023, Texas Medical Liability Trust reported that a breach of its systems may have compromised the data of nearly 60,000 individuals.

Honeywell International

September 2023

In September 2023, Honeywell reported a data breach that has exposed individuals’ names and Social Security numbers.

On August 17, 2023, Blue Cross Blue Shield of Arizona reported that 47,485 people were affected by a data breach that impacted TMG Health, a company that provides data services to the insurer.

Gaston College

August 2023

Over 190,000 individuals have been impacted by a data breach Gaston College announced on August 25, 2023.

American National

August 2023

American National reported in August 2023 that customers' personal and medical information was exposed during the massive MOVEit data breach in late May.

A data breach at the National Student Clearinghouse has affected more than 50,000 individuals and potentially exposed names and Social Security numbers.

Encore Pharmacy

September 2023

It’s been reported that thousands of individuals have been affected by a data security incident announced in September 2023 by Founder Project Rx, Inc., which does business as Encore Pharmacy.

Vi Living

September 2023

Vi Living reported in September 2023 that an unauthorized party accessed consumers' personal information during a March data breach.

A data breach at Mortgage Industry Advisory Corporation was reported on September 5, 2023 and affects nearly 9,000 individuals.

Lifeline Systems Company

September 2023

A data breach affecting Lifeline Systems Company was announced in September 2023 and may have exposed health and medical information.

A data breach experienced by Delaware Life Insurance Company in May 2023 has exposed private information belonging to its policy contract holders.

Data Media Associates

August 2023

Data Media Associates began notifying patients in August 2023 that their personal and health information was exposed in a data breach it discovered in early June of this year.

Acadia Health

September 2023

On August 2, 2023, Acadia Health (Just Kids Dental) experienced a data breach that compromised patients' and employees' personal and health information.

Lennar Corporation

October 2023

In October 2023, Lennar Corporation reported a hacking incident that affected thousands of individuals.