GiaCare Data Breach Exposes Sensitive PII - Including SSNs

On Dec. 23, 2025, GiaCare Inc., a Fort Lauderdale-based healthcare staffing and IT solutions provider, discovered a data security incident involving a third-party file-sharing platform. The breach was traced to a vulnerability in Gladinet CentreStack, a service GiaCare used to store and share files.

According to the disclosure filed with the New Hampshire Attorney General on Jan. 23, 2026, the company’s IT security vendor confirmed that GiaCare’s own systems were not compromised. Instead, the breach was limited to the CentreStack platform, where an unauthorized third party accessed and exfiltrated certain files on Dec. 6, 2025.

After a thorough review, GiaCare determined that the exposed files contained personally identifiable information (PII) such as name, driver’s license number and Social Security number. The total number of individuals affected has not yet been released; however, at least one individual in New Hampshire has been impacted.

GiaCare's response

In response to the incident, GiaCare engaged its IT security vendor to investigate and confirm the integrity of its own systems. The company has since migrated all data away from the CentreStack platform to a more secure solution and is enhancing its technical security measures to reduce the risk of similar incidents in the future.

GiaCare has notified the affected individual by first-class mail.

The company is offering a complimentary one-year membership to Epiq – Privacy Solutions ID 3B Credit Monitoring. This service provides credit monitoring across all three major bureaus, dark web monitoring, Social Security number monitoring, change of address monitoring, identity restoration assistance and up to $1 million in identity theft insurance.

The notification also includes detailed guidance on how to enroll in credit monitoring, as well as steps individuals can take to protect themselves from identity theft, such as reviewing credit reports, placing fraud alerts or credit freezes and contacting the Federal Trade Commission or local law enforcement if suspicious activity is detected.

Affected individuals are encouraged to remain vigilant, take advantage of the credit monitoring resources provided and follow best practices for safeguarding their personal information.