USClaims notifies 25K+ people of data breach claimed by ransomware gang

US Claims Capital (USClaims) this week confirmed it notified 25,722 people of a January 2025 data breach that compromised their personal and health information.

The legal financial services company says it first became aware of the breach on January 7, 2025. It has not publicly disclosed specifics on what information was compromised. The company is offering eligible victims free identity theft protection, which usually implies that Social Security numbers were compromised.

Ransomware gang LeakedData claimed responsibility for the breach. The group listed USClaims on its data leak site with the status, “Leaked”. That could indicate ransom negotiations failed and data that LeakedData claims to have stolen is available for anyone to download.

USClaims has not verified LeakedData’s claim. We do not know if the company paid a ransom, how much LeakedData demanded in ransom, or how attackers breached USClaims’ network. Comparitech contacted USClaims for comment and will update this article if it replies.

“On or about January 7, 2025, USClaims became aware of suspicious activity within its network environment. Upon becoming aware, USClaims promptly began an investigation into the scope and nature of the suspicious activity and retained legal counsel and third-party forensic specialists to investigate the suspicious activity,” says USClaims’ notice to victims. “That investigation revealed that certain information related to you may have been acquired by an unauthorized individual as part of the event.”

The deadline for victims to enroll in free identity theft protection is July 11, 2025.

Who is LeakedData?

LeakedData is a relatively new ransomware group that first surfaced in December 2024. It mostly targets US financial and legal businesses. It’s not clear where the group is from or what its motivations are.

LeakedData claimed responsibility for eight confirmed ransomware attacks since it began, compromising about 72,500 records. This attack on USClaims is the group’s largest so far by number of records affected. The group has made another 58 unconfirmed claims that haven’t been acknowledged by the targeted organizations.

LeakedData’s other confirmed attacks on the US financial sector include:

• Metro Public Adjustment notified 2,060 people of a data breach in October 2024
• Cross Valley Federal Credit Union notified 17,826 people of a data breach in November 2024
• Atlas CPAs & Advisors notified 982 people of a data breach in December 2024

In 2025, we have confirmed one other LeakedData attack claim against Olinsky Law Group.

Ransomware attacks on US finance

Comparitech researchers have logged five confirmed ransomware attacks on US financial businesses in 2025 so far, following 66 attacks in 2024. This year’s attacks have compromised 77,626 records, while last year’s totaled 35.8 million. The average ransom demand is just north of $1 million.

Other recent such attacks include those on Pacific Residential Mortgage, which notified 35,525 people after a Lynx ransomware attack in February, and Heritage South Credit Union, which was hit by Embargo ransomware in January.

We’re tracking another 74 attack claims in 2025 that haven’t been acknowledged by the targeted organizations.

About USClaims Capital

USClaims is a pre-settlement financing firm that sells financial services to personal injury victims of car accidents, work accidents, premises liability, and medical malpractice. In exchange for advance funding through the legal process, USClaims takes a cut of recovered funds from plaintiffs. The company is based in Boca Raton, Florida.