Compound Solutions Data Breach Exposes PII Details

Published

October 14, 2025

Updated

October 14, 2025

Compound Solutions

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Compound Solutions, Inc., a supplier and distributor of nutraceutical ingredients, experienced a cyberattack. The company detected unauthorized access to it's internal network on Feb. 28, 2025. An investigation revealed that a cybercriminal may have accessed or acquired sensitive files between Feb. 27, 2025 and Feb. 28, 2025.

The Ransomware group known as PLAY claimed responsibility for the attack on the dark web, stating they had hacked the Compound Solutions database and threatened to publish confidential data, including private and personal information, client documents, budget, payroll, accounting, tax records, IDs and financial information.

A review took place and on Sept. 17, 2025, it was determined that the data breach compromised both both personally identifiable information (PII) and protected health information (PHI). Exposed information may have included names, contact information, dates of birth, Social Security numbers, driver's license numbers, health insurance information and financial account information.

Compound Solutions began notifying affected individuals by mail on Oct. 8, 2025. The cybersecurity incident was also disclosed to the Massachusetts Attorney General's office on Oct. 9, 2025. The total number of affected individuals has not been released, but is believed to include current and former employees.

Compound Solutions' response

Upon discovering the breach, Compound Solutions secured its IT environment and notified law enforcement. In addition to required of state and federal disclosures, the company is offering affected individuals complimentary IDX credit monitoring services, which includes a $1,000,000 insurance policy and ID theft recovery services.

If you receive a notice from Compound Solutions about this breach, you may want to:

Sign up for the free IDX credit monitoring services, offered by the company.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

Compound Solutions has also set up a confidential call center for individuals with questions at 833-788-9712, 6:00am to 6:00pm Pacific Time, Monday through Friday.

For more information about the company, visit the Compound Solutions website.