STRATeBEN Data Breach Exposes Social Security numbers

STRATeBEN, an employee benefits consulting and technology firm headquartered in Bethesda, Maryland, disclosed a data breach that exposed personal information of current and former group health plan members.

The breach was disclosed to the Vermont Attorney General on March 26, 2026, with two Vermont residents identified as affected. STRATeBEN discovered the breach on Dec. 3, 2025, and began notifying affected individuals on March 26, 2026.

The affected individuals were not STRATeBEN employees but rather members of health plans managed by employers that use STRATeBEN's consulting and technology services.

The total number of individuals affected across the United States was not disclosed in the available filing.

What happened in the STRATeBEN data breach

The incident started with a phishing attack that compromised a STRATeBEN employee's Microsoft 365 account.

Once inside, the unauthorized party accessed the account at various times between Aug. 14, 2025, and Nov. 9, 2025. The intruder had intermittent access to the account for a period spanning nearly three months.

The compromised email account contained files that employers had shared with STRATeBEN to support the management of their employee benefit plans. After a comprehensive review of the files in the compromised account, the company confirmed on March 18, 2026, that one or more of them contained personal information belonging to affected individuals.

The types of personally identifiable information exposed included names, Social Security numbers and dates of birth.

STRATeBEN's response to the breach

STRATeBEN sent notification letters to affected individuals via first-class mail.

Given the sensitive nature of the information that was exposed, STRATeBEN is offering one year of complimentary identity monitoring services through Kroll, a global risk mitigation firm. The monitoring package includes triple-bureau credit monitoring, which sends alerts when changes appear on a credit report at any of the three major credit bureaus.

Affected individuals also receive unlimited access to Kroll fraud consultation specialists who can help explain their rights, assist with fraud alerts and investigate suspicious activity.

Affected individuals can activate their identity monitoring by visiting Kroll's enrollment page and entering the unique membership number provided in their notification letter.

STRATeBEN has also established a dedicated toll-free call center for those who have questions about the incident or need help understanding the steps they can take. The call center can be reached at 844-403-4520, available Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time, excluding holidays.

The company can also be reached at its main number, 888-575-0075, at 3 Bethesda Metro Center, Suite 700, Bethesda, MD 20814.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze with Equifax (1-888-378-4329), Experian (1-888-397-3742) and TransUnion (1-833-799-5355) to make it harder for someone to open new accounts using stolen information.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any unfamiliar accounts, hard inquiries or other suspicious activity.
• Monitor bank and credit card statements regularly for unauthorized transactions and report any suspicious charges to the financial institution right away.
• Be cautious of phishing attempts that reference STRATeBEN or this data breach by name, as scammers sometimes use real breach notifications to trick people into sharing more personal information.
• Consider filing an identity theft report with the Federal Trade Commission at IdentityTheft.gov or by calling 1-877-438-4338 if any suspicious activity is detected.
• Contact local law enforcement to file a police report if there are signs that personal information has been misused.