Hypertherm Data Breach Exposes Names and Social Security Numbers

Hypertherm, an employee-owned manufacturer of industrial cutting systems headquartered in Hanover, New Hampshire, has disclosed a data breach that exposed personal information after a hacker exploited a vulnerability in Oracle software.

The total number of people affected across the United States was not disclosed in the filing.

Hypertherm discovered the breach on Feb. 10, 2026, and began notifying affected consumers by mail on March 13, 2026. The company reported the breach to the Maine Attorney General, New Hampshire Attorney General, and the Texas Attorney General starting on March 13, 2026.

How the breach occurred and what was found

Hypertherm uses Oracle's E-Business Suite (EBS) software to help manage its operations. An unauthorized actor exploited a previously unknown vulnerability in Oracle EBS to steal information from multiple organizations' systems.

The company's investigation found that the unauthorized actor obtained database tables from Hypertherm's Oracle EBS application in August 2025. After reviewing the stolen tables, Hypertherm determined on Feb. 10, 2026, that one or more of them contained the names and Social Security numbers of affected individuals.

On Nov. 21, 2025, the ransomware group known as CL0P posted a claim on the dark web's Tor network stating it had obtained data from Hypertherm Associates. The CL0P posting categorized the incident as a ransomware attack.

Hypertherm began mailing notification letters to affected individuals on March 13, 2026, via U.S. First-Class mail. So far, the breach affected 334 Texas residents, 166 New Hampshire residents, and 31 Maine residents.

The total number of individuals affected nationwide was not reported.

The company is offering one year of free identity monitoring services through Kroll. These services include single bureau credit monitoring, fraud consultation and identity theft restoration.

Affected individuals can enroll in the identity monitoring services by visiting the Kroll enrollment portal and using the membership number included in their notification letter. According to the notification, enrollment must be completed by the deadline specified in each person's letter.

Hypertherm has also established a dedicated toll-free call center for questions. Individuals can call 844-403-4502, Monday through Friday from 9 a.m. to 6:30 p.m. Eastern Time, excluding U.S. holidays. The company is located at 21 Great Hollow Rd., Hanover, NH 03755, and can also be reached at 603-643-3441.

Steps to take if your information was exposed

Because this breach involved Social Security numbers, affected individuals should consider taking steps to protect themselves from identity theft. Social Security numbers are among the most sensitive pieces of personal information.

One of the most effective protective steps is placing a credit freeze (also called a security freeze) with each of the three major credit bureaus. A freeze prevents new creditors from accessing a person's credit report, making it much harder for someone to open accounts in that person's name. Freezes are free to place and free to lift.

The three bureaus can be reached at:

• Equifax: 1-888-378-4329 or www.equifax.com
• Experian: 1-888-397-3742 or www.experian.com
• TransUnion: 1-800-916-8800 or www.transunion.com

Individuals may also consider placing a fraud alert on their credit files. An initial fraud alert lasts one year and notifies creditors to take extra steps to verify identity before opening new accounts. Only one credit bureau needs to be contacted to place a fraud alert, as that bureau is required to notify the other two.

Monitoring credit reports regularly is another important step. Consumers can obtain a free copy of their credit report from each of the three major bureaus once every 12 months by visiting AnnualCreditReport.com or calling 1-877-322-8228.

Anyone who believes they may be a victim of identity theft should contact the Federal Trade Commission at www.identitytheft.gov or 1-877-438-4338. They should also consider filing a report with their local law enforcement agency and keeping a copy of any police report for their records, as creditors may request it.

Finally, affected individuals should remain cautious of phishing attempts. Scammers sometimes use news of a data breach to send convincing emails or make phone calls that appear to be from the breached company.