Sheheen, Hancock & Godwin: 10 GB Data Breach Update

Published

September 29, 2025

Updated

September 29, 2025

Sheheen, Hancock & Godwin

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

On May 19, 2025, Sheheen, Hancock & Godwin LLP, a certified public accounting firm based in South Carolina, discovered a data breach. A investigation determined that an unauthorized actor gained access and copied or downloaded certain files and folders on April 8, 2025.

The ransomware group known as LYNX claimed responsibility for the attack, stating on a dark web posting dated April 25, 2025, that they had obtained 10 GB of company data. A review completed on Sept. 3, 2025 revealed that exposed information may have included name, Social Security number, government identification number, Passport number, Taxpayer Identification number, financial account information, date of birth, medical information, and health insurance information.

Sheheen, Hancock & Godwin LLP published a Notice of Data Incident on its website on Sept. 25, 2025. The firm began notifying impacted individuals by mail on the same day. The total number of affected individuals has not been released but includes 49 Maine residents, 56 in Massachusetts, 416 in Texas, 15 Montana residents and 19 in New Hampshire.

The cyberattack has was also disclosed to multiple state authorities beginning on Sept. 25, 2025, including the Maine, Massachusetts, Texas, Vermont, Montana and New Hampshire Attorneys' General offices.

Sheheen, Hancock & Godwin LLP's response

In addition to required state and federal disclosures, the firm is offering impacted individuals 12 free months of Trans Union Cyberscout single-bureau credit monitoring and identity protection services. The company also established a dedicated assistance line for questions at 1-833-844-8187, 8:00 a.m. and 8:00 p.m. Eastern Time, Monday through Friday,

If you receive a notice from Sheheen, Hancock & Godwin LLP, you may want to:

Sign up for the free credit monitoring and identity protection services, offered by the firm.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about the firm can be found on the Sheheen, Hancock & Godwin LLP website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.