DocketWise Data Breach Affects 116k People, Exposing SSNs

DocketWise, a cloud-based immigration case management software company used by thousands of immigration law firms across the United States, disclosed a data breach that affected approximately 116,666 individuals nationwide.

DocketWise provides form preparation, case management and client relationship management tools for immigration law practices. Because DocketWise stores data on behalf of its law firm customers, the affected individuals are clients of those law firms whose personal information was held in the DocketWise platform.

In October 2025, DocketWise determined that the login credentials to one of its third-party partner repositories may have been accessed, according to the company's notification to consumers. The company immediately launched an investigation with the assistance of third-party cybersecurity experts to determine the nature and scope of the suspected unauthorized activity.

The forensic investigation confirmed that an unauthorized actor or actors used valid credentials to clone certain third-party partner repositories. Some of these repositories were part of a data migration pipeline for the DocketWise application, and that application contained unstructured data belonging to DocketWise's law firm customers, including personal information of the law firms' clients.

The types of personal information exposed varied by individual but included names, addresses, Social Security numbers, dates of birth, driver's license numbers, passport numbers, financial account numbers, financial account usernames and access information, payment card numbers, payment card access information, governmental identification numbers, tax identification numbers, health insurance policy numbers, medical condition or treatment information, and usernames and access information for non-financial accounts.

The breach was disclosed to the Maine Attorney General on April 3, 2026, with 13 Maine residents identified as affected. DocketWise began notifying consumers by written notice on April 3, 2026. The company also posted a notice about the incident on its website.

DocketWise's response

DocketWise is offering affected individuals 24 months of complimentary credit monitoring and identity restoration services through IDX. Individuals can enroll by visiting the IDX enrollment page and using the enrollment code provided in their notification letter.

They can also call 1-844-890-7449, Monday through Friday from 9 a.m. to 9 p.m. Eastern Time, excluding U.S. holidays. The deadline to enroll is July 3, 2026.

Individuals who did not receive a notification letter but believe they may have been affected can also call the dedicated assistance line for more information.