LaBella Associates Data Breach Affects 6,712 People

A major architecture and engineering firm headquartered in New York, LaBella Associates, experienced a data breach. On or around March 24, 2025, the company detected suspicious activity within its internal network. An investigation was completed on Oct. 13, 2025, and determined that an unauthorized actor may have accessed sensitive personal data belonging to current and former employees.

The breach was the result of a ransomware attack attributed to the RHYSIDA group, which claimed responsibility and threatened to publish stolen data on the dark web. The attack was posted on the Tor network, a common platform for ransomware groups to announce and leak compromised information.

The cybersecurity incident compromised personally identifiable information (PII), which may have included names, addresses, dates of birth, Social Security numbers, driver's license or state ID numbers and financial account information.

LaBella Associates disclosed the cyberattack to the Attorney generals offices in Maine, Massachusetts, Montana and Vermont on Nov. 12, 2025. The company also began notifying impacted individuals by mail on the same day. The data breach affected at least 6,712 individuals, including 179 in Maine, 30 Massachusetts, and 2 Montana residents.

LaBella Associates' response

In response to the ransomware attack, LaBella Associates took steps to secure its network and engaged a third-party forensic team to investigate the breach. In addition to required state and federal disclosures, the company is offering free TransUnion Cybersout credit monitoring and fraud assistance services to all impacted individuals. The credit monitoring includes access to credit reports, credit scores, and real-time alerts for any changes detected on a credit file.

If you receive notification from LaBella Associates about this breach, you may want to:

• Sign up for the free credit monitoring services, offered by the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.