Harper Executive Group Data Breach Affects 5,672: PHI and PII Exposed

Harper Executive Group Inc., a real estate company based in San Antonio, Texas, discovered a data breach on Jan. 14, 2026, involving sensitive personal, financial and health information.

The breach was disclosed to the Maine Attorney General and the Massachusetts Office of Consumer Affairs and Business Regulation on March 18, 2026, and to the Texas Attorney General on March 20, 2026.

The breach affected one Maine resident, 5,672 Texas residents and 14 Massachusetts residents. The company began notifying consumers on March 18, 2026, by U.S. mail and through a notice posted on its website.

What happened in the Harper Executive Group data breach

Harper Executive Group experienced a network disruption and promptly launched an investigation. The company engaged third-party specialists which determined that certain information within the company's systems was subject to unauthorized access or acquisition on or around March 3, 2025.

After discovering the disruption, the company worked to identify the data at risk and began a detailed review to determine what types of information may have been affected and which individuals were involved.

Upon completing its review, the company determined that certain personal information may have been impacted.

The range of information potentially exposed included personally identifiable information (PII) such as names, Social Security numbers, dates of birth, driver's license numbers, state ID card numbers, government-issued ID numbers (such as passports), financial account numbers and credit or debit card numbers.

The breach also potentially exposed protected health information (PHI), including medical information and health insurance information.

Harper Executive Group's response to the breach

Given the sensitivity of the information potentially exposed, the company is offering complimentary credit monitoring and identity protection services through IDX. These services are being offered for a period of 24 months.

Affected individuals can enroll by visiting the IDX enrollment page and using the enrollment code provided in their notification letter. The deadline to enroll is June 17, 2026.

Those with questions can contact the company's dedicated assistance line at 1-888-201-5115, where IDX representatives are available Monday through Friday.

Steps to take if your information was exposed

• Place a credit freeze with all three credit bureaus by contacting Equifax (1-888-298-0045), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to help prevent new accounts from being opened using stolen information.
• Request free credit reports at AnnualCreditReport.com and review them carefully for unfamiliar accounts or credit inquiries.
• Monitor financial accounts and bank statements for unauthorized transactions, and report any suspicious activity to the financial institution right away.
• Review health insurance statements for claims or services not received, since medical and health insurance information were potentially exposed in this breach.
• Watch for phishing attempts that reference Harper Executive Group or this data breach by name, as scammers may try to use the incident to trick people into sharing more personal information.
• Report signs of identity theft to the Federal Trade Commission at identitytheft.gov or by calling 1-877-438-4338.