Alera Group Data Breach Affects 10,874 Individuals: SSNs Exposed

On April 28, 2025, Alera Group Inc. discovered a data breach impacting 10,874 individuals across the United States. The breach, which took place on August 4, 2024, involved unauthorized access to sensitive consumer information.

The exposed data includes a wide range of personally identifiable information (PII) such as names, addresses, demographic details, dates of birth, Social Security numbers, driver’s license numbers, financial account and credit card information, passport numbers, and other government-issued IDs (including state, military, tribal, or taxpayer identification numbers).

Additionally, protected health information (PHI) was compromised, including medical history, conditions, diagnoses, medications, treatment or testing details, medical record numbers, insurance or claims data, health insurance information, Medicare/Medicaid IDs, as well as electronic/digital signatures, biometric data, and username and password information.

The breach affected individuals in multiple states, including 651 in Texas, 8 in Maine, 458 in Massachusetts, and 150 in New Hampshire. Alera Group notified affected consumers in writing on May 21, 2025.

The incident was also reported to several state authorities, including the Maine Attorney General, Texas Attorney General, Massachusetts Attorney General, California Attorney General, Vermont Attorney General, and New Hampshire Attorney General.

Alera Group's response

After discovering the breach, Alera Group took steps to secure its systems and began an investigation to determine the scope and impact of the incident. The company has provided details about the breach on its privacy incident page, where affected individuals can find more information and updates.

If you have received a written notice from Alera Group regarding this breach, it is important to take the following steps:

1. Carefully review the notification letter for specific instructions and resources offered by Alera Group.
2. Monitor your financial accounts, credit reports, and health insurance statements for any unusual or unauthorized activity.
3. Consider placing a fraud alert or credit freeze with major credit bureaus to help protect your identity.
4. Be cautious of phishing attempts or suspicious communications that may reference this incident.
5. If your Social Security number or other government-issued identification was exposed, consider contacting the appropriate agencies to discuss additional protective measures.

More information about the company can be found on the Alera Group website.