EB Archbald & Associates Data Breach Affects 17,000 Individuals: SSNs Exposed

On March 23, 2025, EB Archbald & Associates, Inc., a specialized computer software provider for the oil and gas industry, experienced a significant ransomware attack. The cybercriminal group Qilin claimed responsibility for the breach, stating they had obtained 700 GB of company data.

The attackers infiltrated both the company's servers and Microsoft cloud-based portal, encrypting all stored data and demanding a large ransom for a decryption key. When the company refused to pay, the attackers threatened to release the stolen information online. The incident was posted on the dark web on March 26, 2025, via the Qilin group’s network on Tor.

The breach affected approximately 17,000 individuals across the United States, including 3,156 Texas residents and 8 Maine residents, as reported to state authorities.

The exposed information includes personally identifiable information (PII) such as first and last names, postal addresses, Social Security numbers, federal tax identification numbers, as well as sensitive financial data like bank account and routing numbers. No account passwords, access codes, driver's licenses, or other state-issued identification numbers were involved.

The company notified the California, Maine, and Texas Attorneys General about the breach on May 15, 2025. Affected individuals were formally notified in writing on May 21, 2025. For further details, you can review the official disclosures on the Maine Attorney General’s website, the Texas Attorney General’s data breach reports page, and the California Attorney General’s data breach report.

EB Archbald's response

After discovering the attack, EB Archbald & Associates contacted the Federal Bureau of Investigation and followed their guidance, refusing to pay the ransom. The company also engaged cybersecurity experts and outside legal counsel to investigate the incident. Their top priority has been to determine the extent of the breach and to notify all potentially affected individuals.

To strengthen their defenses and prevent future incidents, the company has implemented several new security measures:

• Upgraded web server infrastructure to enhance data security
• Adopted multi-factor authentication for system access
• Deployed advanced cybersecurity software

In addition, EB Archbald & Associates has partnered with IDX, a consumer protection service, to provide support and guidance to those affected. IDX representatives are available to answer questions and offer assistance regarding identity protection and credit monitoring. The company encourages all affected individuals to:

• Remain vigilant by reviewing account statements and monitoring credit reports
• Place fraud alerts or security freezes with major credit bureaus if necessary
• Report any suspicious activity or suspected identity theft to law enforcement and relevant authorities

Detailed instructions for enrolling in credit monitoring and additional protective steps are provided in the notice to consumers, which is available at the bottom of this page in PDF format.

More information about the company and its services can be found on the EB Archbald & Associates website.