Chiesi USA Data Breach Exposes SSNs & Medical Info

Chiesi USA, Inc., a specialty pharmaceutical company headquartered in Cary, North Carolina, recently reported a significant data breach exposing both personally identifiable information (PII) and protected health information (PHI) of at least 262 Massachusetts residents.

On Dec. 22, 2025, the company disclosed the incident to the Massachusetts Attorney General’s office, confirming that it involved sensitive personal and medical information, including first and last names, Social Security numbers, driver’s license details, financial account information, and medical records.

While the exact method of the breach has not been publicly detailed, Chiesi USA stated that the incident involved unauthorized access to its systems. The company disclosed the data breach to the Massachusetts Attorney General on Dec. 22, 2025, and have began notifying impacted individuals by mail.

Chiesi USA's response

In response to the breach, Chiesi USA has taken several important measures. The company worked with cybersecurity experts to conduct a thorough investigation, secure its systems, and implement additional technical safeguards to prevent future incidents. To help affected individuals protect their identities, Chiesi USA is offering 24 months of complimentary credit monitoring and identity restoration services through Experian.

If you receive notification from Chiesi USA or your provider about this breach, you may want to:

• Sign up for the free Experian identity theft protection services, offered by the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For affected individuals with questions, Chiesi USA has set up a call center at 833-918-4088, Monday through Friday, 9 a.m. to 9 p.m. ET.