Maritz Holdings Data Breach Exposes Social Security Numbers

On Nov. 13, 2025, the global management consulting firm, Maritz Holdings Inc., discovered a data breach involving its Oracle E-Business Suite (EBS) platform. The breach occurred between Aug. 10 and Aug. 13, 2025, when an unauthorized third party exploited a previously unknown (zero-day) vulnerability in Oracle EBS. This vulnerability had not yet been publicly disclosed or patched at the time of the incident, leaving many organizations worldwide exposed.

The attackers, identified as the CL0P ransomware group, gained access to Maritz’s Oracle EBS environment, which the company primarily uses for finance-related activities such as invoicing, receiving payments, and issuing payments through accounts payable. During the brief window of unauthorized access, the attackers exfiltrated files containing sensitive personal information.

The types of consumer information exposed in this breach include names and Social Security numbers.

State disclosures confirm that four Maine residents and three New Hampshire residents were impacted. The company notified affected individuals by written letter on Feb. 27, 2026. Maritz also disclosed the breach to the California Attorney General on Feb. 27, 2026.

The CL0P ransomware group claimed responsibility for the attack and posted about the breach on the dark web on Nov. 13, 2025.

Maritz Holdings' response

To help protect those affected, Maritz is offering a complimentary 24-month membership to Experian IdentityWorks credit monitoring and identity protection services. This service includes credit monitoring, identity restoration support, and up to $1 million in identity theft insurance. Affected individuals can enroll in this program at no cost and without impacting their credit scores. Maritz has provided a dedicated toll-free hotline (833-918-3973) for questions and support related to the breach.

To further strengthen its defenses, Maritz has fully patched its Oracle EBS environment and is implementing additional security measures, including enhanced monitoring and detection capabilities, improved vulnerability and patch management processes, and reduced external system exposure.