Gulshan Management Services Data Breach Affects 377k Exposing Social Security Numbers

On Jan. 5, 2026, Gulshan Management Services reported a large data breach affecting at least 377,082 people across the country.

According to a filing with the Vermont Attorney General’s office on Jan. 6, 2026, the breach stemmed from a successful phishing attack on Sept. 17, 2025, which allowed an unauthorized third party to access Gulshan’s information systems. The attackers deployed malicious software that encrypted portions of the company’s network and accessed servers hosting sensitive personal data.

Gulshan discovered the breach on the weekend of Sept. 27, 2025, and began an investigation with third-party cybersecurity experts.

The types of information exposed include names, addresses, Social Security numbers, driver’s license numbers, government-issued ID numbers such as passports or state ID cards, and financial information including account numbers and credit or debit card numbers.

The breach was also reported to the attorneys general office of Maine, New Hampshire, South Carolina, and Texas the same day.

Gulshan’s notice confirms that the attackers were able to access and potentially exfiltrate highly sensitive data belonging to both employees and customers. The breach’s severity is underscored by the attackers’ ability to bypass security through phishing and then encrypt and access core systems.

Gulshan Management Services' response

In response, the company reset all access credentials, rebuilt compromised systems from known-safe backups, installed new threat-monitoring software and implemented stricter access requirements for privileged accounts. Law enforcement and regulatory authorities were also notified.

Gulshan has partnered with Kroll to provide affected individuals with 12 months of complimentary identity monitoring services. These services include single-bureau credit monitoring, fraud consultation and identity theft restoration. Individuals are encouraged to activate these services by visiting the Kroll enrollment website using the membership number provided in their notification letter.

Given the nature of the breach, those affected should remain vigilant.

Recommended steps include:

• Changing passwords and enabling two-factor authentication on all financial and sensitive accounts
• Monitoring credit reports for unauthorized activity
• Initiating a fraud alert or credit freeze with the three major credit bureaus
• Reviewing bank and credit card statements for suspicious transactions

Gulshan has also provided detailed guidance and contact information for the credit bureaus and the Federal Trade Commission in their notice to consumers. Affected individuals can call the dedicated hotline at 844-574-1257 for further assistance.