Nobu Restaurants Data Breach Exposes SSNs and Government IDs

Nobu Restaurant Group Holding Company LLC, the hospitality company behind the globally recognized Japanese restaurant chain, disclosed a data breach that exposed highly sensitive personal information.

The breach was reported to the Texas Attorney General on April 17, 2026. So far, 280 Texas residents were identified as affected as a result of the breach.

On Nov. 5, 2025, the Akira ransomware group posted on the Tor network, a part of the dark web that is used to host anonymous websites, claiming it had obtained 71 gigabytes of data from Nobu Restaurants

The stolen data allegedly covered a wide range of sensitive records. The group claimed to have obtained employee information as well as personal details belonging to the company's owners, including copies of passports, driver's licenses and Social Security numbers.

Akira also said it had taken detailed financial records, confidential company files and non-disclosure agreements.

According to the filing with the Texas Attorney General, the compromised data confirmed to have been exposed included personally identifiable information such as names, Social Security numbers, driver's license numbers, government-issued identification numbers such as passports and state ID cards, and financial information such as account numbers, credit card numbers and debit card numbers.

The breach also comrpomised protected health information such as medical information and health insurance information.

Nobu's response to the breach

Nobu has notified affected individuals about the data breach by U.S. Mail. Anyone who receives a letter from the company should review it carefully, as it may contain important details about any resources the company is providing to help protect against misuse.

Early action is important for those who may be affected.

Individuals who are concerned that their personal data may have been compromised should consider taking protective steps right away rather than waiting for a letter to arrive.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze with Equifax (1-800-525-6285), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to help prevent identity thieves from opening new accounts in your name.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any accounts, hard inquiries or other activity that looks unfamiliar.
• Monitor bank and credit card statements closely for unauthorized charges, withdrawals or unfamiliar transactions, since financial information including account numbers and card numbers was exposed in this breach.
• Review medical and health insurance statements for claims or services you did not receive, as both medical records and health insurance details were among the data compromised in this incident.
• Contact your state DMV to ask about protective measures for your driver's license, since license numbers and other government-issued identification numbers were among the types of data exposed.
• Be cautious of phishing attempts that reference Nobu or this data breach by name, as criminals may use stolen personal details to send convincing emails, phone calls or text messages designed to trick people into sharing additional information.