Major US delivery company hit in data breach with full names, SSNs and medical info of thousands exposed online
Thousands of people have had their sensitive personal information exposed in a data breach at U.S. delivery company OnTrac that occurred over two days in April 2025. According to reporting from Cybernews, more than 40,000 individuals have been impacted by a data breach that exposed personal details including names, date of birth, Social Security numbers, driver’s license or state IDs, and medical and/or health insurance information.
OnTrac has sent out data breach notification letters informing affected individuals that their personal data may have been compromised. According to a sample letter obtained by the Office of the Maine Attorney General, the attackers reportedly had access to the company’s network between April 13th and April 15th 2025. The data that they accessed can now be used to commit a variety of malicious activities including medical identity theft where threat actors can submit fraudulent insurance claims or acquire prescription drugs for resale, or other forms of identity theft like setting up fraudulent bank accounts, false tax returns or taking over an individual’s benefits.
The breach notice that OnTrac sent out states that “because we took steps to ensure that the data at issue was re-secured and not distributed, we are not aware of any fraud or publication of stolen information resulting from this incident, nor do we have any reason to believe any such misuse of information will occur.”
How to stay safe after a data breach
Many of us have been affected by a data breach, and one of the best ways you can protect yourself is to invest in one of the best identity theft protection services. Signing up ahead of time means you get access to the identity theft insurance and extra support these services provide. However many companies will provide free access to one of these services after a breach.
For instance, in this case, OnTrac is providing 12 months of free credit monitoring and identity protection services through TransUnion and CyberScout. If you do receive a data breach notification letter (in regards to this breach or any other one for that matter), there will be a code inside that you can use to take advantage of this offer.
One of the best antivirus software suites can also help protect you and your devices from malware and other online threats. A quality antivirus software will provide different features to keep you safe online including one of the best VPNs with browser-level privacy protection.
However, It’s also important to stay vigilant against phishing and social engineering attacks, and to monitor your accounts for suspicious activity. When it comes to phishing, the best way to stay safe is to avoid clicking on any links, QR codes or attachments in emails or messages from unknown senders. To protect yourself against most common social engineering attacks, be wary anytime you’re approached through social media or by contacts offering opportunities that seem to good to be true.
We’re seeing more data breaches each day as hackers have set their sights on both larger and smaller companies. Fortunately, OnTrac took action immediately and it is providing some compensation in the form of free identity theft protection to affected individuals for a full year.
Follow Digitpatrox on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
More from Digitpatrox
Source link