Home
>
Data Breach>RFK Racing

RFK Racing Data Breach Affects Several Thousand

Published
September 15, 2025
Updated
October 9, 2025
RFK Racing Data Breach Affects Several Thousand
RFK Racing
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

RFK Racing

data breach?

Join the Lawsuit

It's free to join. 

On May 14, 2025, Roush Fenway Keselowski Racing, LLC (RFK Racing) discovered suspicious activity on certain systems within its network. An investigation took place and revealed that a cybercriminal accessed or acquired files containing sensitive information.

A review took place and it was determined on Aug. 4, 2025 that the cybersecurity incident compromised personally identifiable information (PII) of an estimated 13,362 individuals. Information exposed included names, addresses, Social Security numbers, dates of birth, driver's license or state ID numbers, health insurance subscriber number, passport number, financial account information, health insurance information, health insurance claim information and medical information.

The company notified affected individuals by written letter on Sept. 12, 2025 and published a security notice on its website.

The breach was also disclosed to the Maine Attorney General’s office, the Massachusetts Attorney General’s office and the Vermont Attorney General’s office, the Montana Attorney General and the New Hampshire Attorney General beginning on Sept. 12, 2025.

The data breach was also disclosed to the U.S. Department of Health and Human Services on Sept. 12, 2025. In addition to PII, the breach compromised the protected health information of at least 2,160 individuals.

Roush Fenway Keselowski Racing's response

In addition to required state and federal disclosures, RFK Racing is offering affected individuals 24 free months of TransUnion Cyberscout single-bureau credit monitoring services.

If you receive notice from Roush Fenway Keselowski Racing about this breach, you may want to:

  • Sign up for the free credit monitoring services, provided by the company.
  • Monitor your credit reports and financial accounts for any unusual activity.
  • Be alert for phishing emails or phone calls that may use your exposed information.
  • Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about the team can be found on the RFK Racing website.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
RFK Racing
Consumers Notification date
September 12, 2025
Date of Breach
Breach Discovered Date
August 04, 2025
Total People Affected
2160
Information Types Exposed
  • Credit/Debit Numbers
  • Drivers Licenses
  • Financial Account
  • Medical Records
  • Social Security number
  • Date of birth
  • Name

Data Breach Settlements

48forty Solutions LLC Data Breach Class Action Settlement
Communication Federal Credit Union Data Breach Settlement
JSP International Group Data Breach Class Action Settlement
Willis-Knighton Medical Center Patient Privacy Settlement
Transak USA $601,000 Data Breach Class Action Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

Pan-American Data Breach Affects PII & PHI
October 30, 2025
Pan-American Data Breach Affects PII & PHI
JFS Wealth Advisors Data Breach Affects 865 Residents
October 30, 2025
JFS Wealth Advisors Data Breach Affects 865 Residents
Roger Keith & Sons Data Breach Affects Client PII & PHI
October 30, 2025
Roger Keith & Sons Data Breach Affects Client PII & PHI
Rogers Mechanical Data Breach Affects PII and PHI
October 30, 2025
Rogers Mechanical Data Breach Affects PII and PHI