Illy Caffè Data Breach Exposes Employee Info

Illy Caffè North America, the North American subsidiary of Italian coffee company Illycaffè S.p.A., disclosed a data breach involving unauthorized access to employee personal information. The total number of people affected across the United States has not been publicly disclosed.

The breach was disclosed to the Massachusetts Office of Consumer Affairs and Business Regulation on April 2, 2026. The company discovered the breach on March 22, 2026, and began notifying affected individuals by letter dated March 31, 2026.

What happened in the Illy Caffè North America data breach

On March 22, 2026, an unidentified individual or individuals gained unauthorized access to certain employee data held by Illy Caffè North America. The breach targeted internal employee records rather than customer data.

The notification letter did not provide specific details about how the unauthorized access occurred, how it was detected or how long the intruder may have had access to systems containing employee data. The company did not identify a specific threat actor or group responsible for the incident.

The types of information that may have been accessed included names, dates of birth, addresses, Social Security numbers, passport numbers, and driver's license and ID numbers.

Illy Caffè North America's response to the breach

Given the severity of the information exposed, Illy Caffè North America is offering affected individuals free credit monitoring and identity protection services through LifeLock for 12 months at no cost.

To take advantage of this offer, affected individuals must enroll within 30 days of receiving the notification letter. The company stated it will provide enrollment details directly to those who are affected.

Affected individuals who have questions or need further assistance can contact Illy's Human Resources department by email at hrdeptnorthamerica@illy.com.

Steps to take if your information was exposed

• Place a credit freeze on credit reports with Equifax at 866-349-5191, Experian at 888-397-3742 and TransUnion at 800-888-4213, which Massachusetts residents can do free of charge.
• Request free credit reports at AnnualCreditReport.com using the online request form or printable mail-in form and review them carefully for unfamiliar accounts or credit inquiries.
• Report any suspected identity theft to the FTC at IdentityTheft.gov or by calling 1-877-438-4338.
• Review free identity theft prevention resources from the FTC, including its identity theft and online security tips and the Identity Theft: A Recovery Plan guide.
• Monitor financial accounts and bank statements closely for any unauthorized transactions or suspicious activity and report concerns to the relevant financial institution right away.