Aquarium of the Pacific Data Breach Exposes Personal Info

Aquarium of the Pacific, Southern California’s largest aquarium with 1.5 million visitors annually, experienced a data breach. On June 3, the organization detected suspicious activity within an internal email account. An investigation determined that an unauthorized access gained access to the email account between April 19, 2025, and June 3, 2025.

The data breach compromised personally identifiable information (PII). The total number of impacted individuals has not been released, but is believed to include current and former employees and possibly visitors as well.

Possible exposed information may include names, addresses, dates of birth, Social Security numbers, driver's license numbers, health insurance information and financial account or payment information.

Aquarium of the Pacific began notifying impacted individuals by mail on Sept. 25, 2025. The cybersecurity incident was also disclosed to the Vermont Attorney General's office on Sept. 29, 2025.

Aquarium of the Pacific's response

In addition to required state and federal disclosures, the aquarium is offering impacted individuals 12 free months of Epiq - Privacy Solutions ID credit monitoring and identity protection services.

If you receive a notice from Aquarium of the Pacific about this breach, you may want to:

• Sign up for the free IDX identity theft protection services, offered by Episource.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For more on the aquarium, visit the Aquarium of the Pacific website.