Kaplan North America Data Breach Likely Affects Millions of Americans

Kaplan North America, LLC, a major education services company, has disclosed a data breach that exposed the personal information of thousands of people across multiple states.

Kaplan discovered the breach on Feb. 21, 2026, and began notifying affected consumers by mail on March 17, 2026, according to the company's notification letter.

The total number of people affected by the breach in the United States has not been disclosed in current regulatory filings. However, reports show the breach affected 173,676 Texas residents, 26,612 South Carolina residents and 19,075 Maine residents, and 2,045 individuals in Rhode Island.

How the Kaplan data breach unfolded

According to the company's notification letter, an unauthorized actor accessed Kaplan's computer servers between Oct. 30, 2025, and Nov. 18, 2025. During that roughly three-week window, the intruder took certain files from the network.

After discovering the incident, Kaplan said it secured its network and launched an investigation with the help of outside IT security specialists.

On Feb. 21, 2026, the investigation determined that the stolen files contained consumers' names, Social Security numbers and/or driver's license numbers.

How Kaplan is responding

Kaplan is offering affected consumers one year of complimentary credit monitoring and identity theft restoration services through Experian's IdentityWorks program. Enrolling in the program is free and will not affect credit scores, according to the notification letter.

The Experian IdentityWorks membership includes a credit report at signup, daily credit monitoring for online members, identity restoration support and $1 million in identity theft insurance. Affected individuals must enroll by June 30, 2026, to activate the credit monitoring services.

Steps to take if your information was exposed

Place a credit freeze. A credit freeze, also called a security freeze, makes it harder for someone to open new accounts using stolen information. Freezes are free to place and lift. However, a freeze must be placed separately with each of the three major credit bureaus:

• Equifax: 1-888-378-4329 or www.equifax.com
• Experian: 1-888-397-3742 or www.experian.com
• TransUnion: 1-833-799-5355 or www.transunion.com

Set up a fraud alert. A fraud alert notifies creditors that someone may be a victim of fraud. An initial fraud alert lasts one year, while an extended alert (for confirmed identity theft victims) lasts seven years. Placing a fraud alert with one credit bureau is enough. That bureau is required to notify the other two. Fraud alerts are free.

Request an IRS Identity Protection PIN. Because Social Security numbers were exposed, affected individuals may want to request an Identity Protection PIN from the IRS. This six-digit number helps prevent someone else from filing a tax return using a stolen Social Security number. It can be requested at irs.gov.

Monitor credit reports. Affected individuals should regularly review their credit reports for any accounts or activity they do not recognize. Free credit reports are available once every 12 months from each of the three major credit bureaus through www.annualcreditreport.com or by calling 1-877-322-8228.

Watch for phishing attempts. After a data breach, scammers sometimes send emails, texts or letters that appear to come from the breached company or from a credit bureau. These messages may reference the Kaplan breach by name to appear legitimate. People should be cautious about any unsolicited communications asking for personal information or login credentials.

Report suspected identity theft. Anyone who believes their information has been misused should contact the Federal Trade Commission at www.identitytheft.gov or 1-877-438-4338. They should also contact their state attorney general's office and local law enforcement. Obtaining a copy of any police report filed can be helpful, as creditors may ask for it when correcting records.

Affected individuals are encouraged to enroll in the free Experian IdentityWorks credit monitoring being offered by Kaplan before the June 30, 2026, deadline.