Lessing’s Data Breach: Personal Info Potentially Viewed

Lessing’s Hospitality Group, a hospitality company based in New York and Florida, experienced a data breach. The company detected suspicious activity involving an employee email account. On Aug. 20, 2025, an investigation determined that unauthorized access occurred and sensitive personal information may have been viewed.

This type of cyberattack often compromises both personally identifiable information (PII) and protected health information (PHI) belonging to current and former employees and other individuals. Exposed information may included names, addresses, Social Security numbers, driver's license or state ID copies, health insurance information and financial account information.

Lessing's Hospitality Group began notifying impacted individuals by mail on Oct. 3, 2025. The company disclosed the incident to the Massachusetts Attorney General on Oct. 3, 2025 and the Vermont Attorney General's office on Oct. 6, 2025.

The total number of individuals affected by the breach has not been released, but may include several thousand current and former employees.

Lessing’s Hospitality Group's response

After discovering the suspicious activity, Lessing’s Hospitality Group took steps to secure their email environment. The company worked with a forensic security firm to investigate the incident and confirm the security of their systems.

If you receive a data breach notice from Lessing's Hospitality Group, or believe your information may have been compromised, you may want to:

• Carefully review any notice or communication you receive from the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For more information about the hospitality group, visit the Lessing’s Hospitality Group website.