David Evans Enterprises Data Breach: 8,915 Individuals Affected

David Evans Enterprises Inc, a civil engineering and consulting firm headquartered in Portland, Oregon, disclosed a data breach that affected approximately 8,915 individuals in the United States, including 2,268 Washington residents, 19 Indiana residents, 16 Massachusetts residents, four Maine residents and four New Hampshire residents.

The breach was reported to attorneys general in California, Indiana, Maine, Massachusetts, Nebraska, New Hampshire, Oregon, Vermont and Washington starting on April 10, 2026. The company discovered the breach on March 23, 2026, and began notifying affected individuals by written notice on April 10, 2026.

The breach occurred over a two-day period between Feb. 26, 2026, and Feb. 27, 2026. Nearly a month passed between the breach and its discovery, and the company began sending written notices to affected individuals approximately two and a half weeks after that.

Tthe specific types of personal information that may have been accessed or exposed during the breach include names, Social Security numbers, driver's licenses, and financial account information.

David Evans Enterprises' response to the breach

David Evans Enterprises is offering affected individuals with 12 months access to credit monitoring and identity protection services at no charge. The company is also providing proactive fraud assistance to help affected individuals with questions or in the event that they become a victim of fraud.

These monitoring and fraud assistance services are being provided through Cyberscout, a TransUnion company that specializes in fraud assistance and remediation services. Enrollment in the services must be completed within 90 days of the date of the letter.

The company also encourages affected individuals to remain vigilant against identity theft and fraud. It advises recipients to review their credit reports and account statements regularly for suspicious activity and to detect errors.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze by contacting any of the three major credit reporting bureaus: TransUnion at 1-833-799-5355, Experian at 1-888-397-3742 or Equifax at 1-800-685-1111.
• Request free credit reports at AnnualCreditReport.com and review them carefully for unfamiliar accounts or inquiries that were not authorized.
• Review bank and financial account statements regularly for any suspicious or unauthorized transactions and report discrepancies to the financial institution right away.
• Be cautious of phishing attempts that reference David Evans Enterprises or this data breach by name, as scammers often use breach notifications to trick people into sharing personal information.
• Report suspected identity theft to the Federal Trade Commission at IdentityTheft.gov or by calling 1-877-438-4338.