.png)
Center for Disability Services Breach Affects Thousands of People
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info
On June 10, 2025, Center for Disability Services discovered suspicious activity on its network related to an employee's email account. An investigation was launched and it was determined that a cybercriminal accessed multiple CFDS employee email accounts between June 19 and June 25, 2025.
A review took place and on July 25, 2025, it was determined that the data breach compromised both personally identifiable information (PII) and protected health information (PHI) were involved. Exposed information included names, demographic information, Social Security numbers, driver’s license or state ID card numbers, medical information, health insurance details and financial account information.
Center for Disability Services disclosed the data breach to the U.S. Department of Health and Human Services on Aug. 8, 2025, reporting at least 3,343 individuals impacted. The organization also published a Notice of Data Event on its website.
The severity of the cybersecurity incident is high, due to the amount of compromised information, which could potentially be used for identity theft, financial fraud, or unauthorized access to medical services.
Center for Disability Services' response
After discovering the breach, Center for Disability Services took steps to secure their systems. In addition to required state and federal disclosures, the center set up a dedicated assistance line at 833-426- 5277. Monday through Friday from 8:00 a.m. to 8:00 p.m. Eastern Time.
If you believe your personal information may have been compromised in this breach:
- Carefully review any notice or communication you receive from Center for Disability Services.
- Monitor financial accounts and credit reports for signs of identity theft.
- Consider placing fraud alerts or credit freezes with the major credit bureaus.
- Be cautious of unsolicited emails or phone calls requesting personal information.
More information about the support organization can be found on the Center for Disability Services, Inc. website.
Protect Your Data
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)