Merkle Inc. Data Breach Exposes Social Security Numbers

Merkle recently experienced a data breach on Aug. 31, 2025. The incident began when Merkle detected unusual activity on its servers, causing the company to activate its incident response protocols, contain the activity, and launch an investigation with the help of a cybersecurity firm experienced in similar situations.

The investigation revealed that an unauthorized actor had accessed Merkle’s computer servers and acquired certain files.

After a thorough review, Merkle determined on Jan. 27, 2026, that one or more files contained the name and Social Security number of its clients. The company has not reported any evidence that other types of information or additional individuals were affected in this incident.

The data breach has affected at least one New Hampshire resident, according to a disclosure filed with the New Hampshire Attorney General on Feb. 6, 2026. The total number of affected individuals is currently undisclosed.

Merkle's response

After discovering the breach, Merkle engaged a cybersecurity firm to assist with containment and investigation efforts. They also conducted a thorough review of the compromised files to determine the scope of the incident.

For those affected, Merkle is offering the affected individual a complimentary one-year membership to Experian IdentityWorks, which provides credit monitoring, identity restoration assistance and $1 million in identity theft insurance. The company has provided detailed instructions for enrollment and a dedicated phone number for questions or concerns.

Additionally, Merkle has taken steps to enhance its existing security measures to help prevent similar incidents in the future.

For those who may be affected, it is important to remain vigilant for signs of identity theft or fraud. Reviewing account statements and credit reports regularly can help detect unauthorized activity. Merkle’s notification also provides guidance on placing fraud alerts or security freezes with credit bureaus, as well as contact information for the Federal Trade Commission and state attorneys general.