Quatrro Data Breach Exposes Sensitive PII Including SSNs

Quatrro Business Support Services Inc., a tech-enabled outsourcing firm headquartered in Marietta, Georgia, disclosed a data breach involving unauthorized access to files containing sensitive personal information.

The breach was reported to attorneys general in Maine and New Hampshire on March 23, 2026. According to those filings, two Maine residents and five New Hampshire residents were identified as affected. Quatrro discovered on Feb. 25, 2026, that the compromised files contained personal information and began notifying consumers on March 23, 2026.

What happened in the Quatrro Business Support Services data breach

Quatrro identified and began responding to a security incident on Dec. 7, 2025. A thorough investigation followed. The investigation found that an unauthorized party accessed certain files within the company's systems during a nine-day window, from Nov. 11 through Nov. 19, 2025.

After identifying the unauthorized access, Quatrro reviewed the contents of the affected files. On Feb. 25, 2026, that review determined the files contained personal information belonging to affected individuals.

The types of information exposed included names, Social Security numbers, driver's license numbers, passport numbers, payment card numbers, financial account numbers and health insurance policy numbers. Not every type of data was exposed for every person.

According to the company's notification letters, some individuals had their name and Social Security number compromised, while others also had one or more of the additional data types involved in the breach.

Quatrro Business Support Services' response to the breach

On March 23, 2026, Quatrro began mailing written notification letters to affected individuals via United States Postal Service First-Class mail.

Quatrro is offering all notified individuals a complimentary membership to credit monitoring and identity protection services provided by Kroll. According to the notification letters, the services include triple bureau credit monitoring, which sends alerts when changes appear on a person's credit file at any of the three national credit bureaus.

The offering also includes unlimited fraud consultation with a Kroll specialist and identity theft restoration services. If someone becomes a victim of identity theft, a licensed Kroll investigator will work on their behalf to help resolve related issues.

Affected individuals can activate their complimentary monitoring by visiting Kroll's enrollment website and entering the membership number included in their notification letter. Each person's letter includes a specific deadline to enroll in the services.

The company has also established a dedicated toll-free call center to answer questions from affected individuals. The number is 844-443-1281, available Monday through Friday from 9:00 a.m. to 6:30 p.m. EST, excluding major U.S. holidays. Quatrro's general phone number is 1-866-622-7011.

Steps to take if your information was exposed

• Place a credit freeze with all three credit bureaus. Contact Equifax (1-888-378-4329), Experian (1-888-397-3742) and TransUnion (1-833-799-5355) to make it harder for anyone to open new accounts using your information.
• Request free credit reports at AnnualCreditReport.com and review them for any accounts or activity that look unfamiliar.
• Monitor bank accounts and payment card statements closely. Because financial account numbers and payment card numbers were among the data exposed, check statements regularly for unauthorized transactions.
• Consider placing a fraud alert on your credit file by contacting any one of the three nationwide credit bureaus, which will notify the other two.
• Report suspected identity theft to the Federal Trade Commission at IdentityTheft.gov or by calling 1-877-438-4338, and file a report with local law enforcement if needed.
• Be cautious of phishing attempts that reference Quatrro Business Support Services or this breach by name, as scammers sometimes use real breach notifications to trick people into sharing more personal details.