Nelson Worldwide Data Breach: 400 GB of PHI and PII Data Stolen

On or about Feb. 18, 2026, Nelson Worldwide, LLC, a design and architecture firm, experienced a ransomware attack that led to unauthorized access to its network.

The incident was carried out by a cybercriminal group known as CHAOS, which claimed responsibility for the breach and posted about it on the dark web on March 6. According to the threat actor, approximately 400 GB of the organization’s data was exfiltrated.

Following an extensive forensic investigation, Nelson Worldwide determined on Feb. 25 that files containing sensitive personal information were impacted.

The breach exposed a wide range of personally identifiable information (PII) and protected health information (PHI), including full names, Social Security numbers, driver’s license numbers, financial account information and medical records.

The breach has so far impacted at least 56 individuals in Massachusetts, as reported to the Massachusetts Office of Consumer Affairs and Business Regulation.

Nelson Worldwide's response

To help protect those impacted, Nelson Worldwide is offering complimentary credit monitoring and identity protection services through IDX. This includes credit and CyberScan monitoring, identity theft insurance up to $1 million and fully managed identity recovery services.

Affected individuals are encouraged to enroll in the complimentary monitoring program, review their credit reports for suspicious activity and consider placing fraud alerts or security freezes on their credit files.

The company’s notice also provides detailed instructions on obtaining free credit reports, protecting health information and additional resources for identity theft prevention.

Individuals should remain vigilant for any unusual financial or medical activity and take advantage of the resources offered.