Highmark Companies Data Breach: Financial Information Exposed

Highmark Companies, a family of residential and commercial property service brands, disclosed a data breach connected to a ransomware attack.

On or about Nov. 10, 2025, Highmark Companies became aware of unauthorized activity in its network. The company began an investigation, working closely with external cybersecurity professionals experienced in handling these types of incidents.

About 10 days after the breach was discovered, on Nov. 20, 2025, a ransomware group known as PLAY claimed responsibility for the attack on a dark web. The group stated it had obtained organizational data and planned to publish it within three to four days.

On March 30, 2026, nearly five months after the breach was first detected, Highmark Companies confirmed the names and addresses of impacted individuals and the nature of the data involved.

The types of personal information potentially exposed included full names, Social Security numbers, financial account information, driver's license numbers, passport numbers, dates of birth, digital signatures, health insurance information and credit or debit card numbers.

The company posted notice posted on its website detailing the event.

Highmark Companies' response to the breach

Starting on April 24, 2026, Highmark Companies sent notification letters to affected individuals. Additionally, individuals whose Social Security numbers were potentially involved in the breach were offered complimentary credit monitoring.

To help affected individuals get answers, the company established a dedicated call center. Representatives can be reached at 1-800-405-6108, Monday through Friday, 8 a.m. to 8 p.m. EST.

Steps to take if your information was exposed

• Place a fraud alert on credit files by contacting Equifax (1-800-525-6285), Experian (1-888-397-3742) or TransUnion (1-800-680-7289).
• Consider placing a security freeze on credit reports through Equifax (1-888-298-0045), Experian (1-888-397-3742) or TransUnion (1-888-909-8872) to prevent new accounts from being opened without authorization.
• Request free credit reports at AnnualCreditReport.com or through the online request form and review them for unfamiliar accounts or unauthorized inquiries.
• Monitor financial account statements regularly for unauthorized transactions, since financial account information and credit or debit card numbers may have been exposed.
• File a complaint with the FTC at ftc.gov/idtheft or by calling 1-877-438-4338 if any suspicious activity is discovered.
• Be cautious of phishing attempts that reference Highmark Companies or this breach by name, as scammers often try to exploit data breach notifications to trick people into sharing even more personal information.