
Sapp Bros., Inc., a well-known operator of travel centers and a major petroleum distributor headquartered in Omaha, Nebraska, recently experienced a significant data breach that impacted employees and possibly customers. On Aug. 25, 2025, an unauthorized actor gained access to information stored on the Sapp Bros. network.
The breach was attributed to a hacking group known as Worldleaks, which claimed responsibility for leaking the data on the dark web on Sept. 23, 2025, via a posting on the Tor network. The compromised data primarily involved employee information, but the full extent of affected parties is still being clarified.
Through a combination of programmatic and manual review, it was determined on Nov. 10, 2025, that personally identifiable information (PII) was among the data accessed by the attacker. The exposed information included full names, addresses, cities, states, zip codes, Social Security numbers, demographic information and, in some cases, driver’s license numbers.
The breach affected approximately 16,292 individuals nationwide, including 1,741 Iowa residents, as reported in the disclosure to the Iowa Attorney General on Dec. 11, 2025.
The severity of this breach lies in the types of data exposed. Social Security numbers and driver’s license numbers are highly sensitive and can be misused for identity theft or fraud. The attack appears to have been targeted and sophisticated, taking advantage of vulnerabilities in the network before the company could respond.
In the immediate aftermath of the breach, Sapp Bros. took several steps to secure its systems and protect affected individuals. To support those affected, Sapp Bros. has arranged for free credit monitoring and identity protection services through IDX for 12 months. Impacted individuals can enroll in these services until March 10, 2026.
If you receive notification from Sapp Bros. or your provider about this breach, you may want to:







