SunSource Data Breach Exposes SSNs and Medical Records

SunSource Borrower LLC, a North American industrial distributor of fluid power and motion control technologies, experienced a data breach that exposed highly sensitive personal information.

Between March 31 and April 5, 2026, an unauthorized third party gained access to a part of SunSource's network. During the window, the intruder accessed certain files stored on a portion of the company's file server.

On April 30, 2026, a ransomware group known as Payouts King claimed responsibility for the attack on the Tor network, allegedly having obtained 700 GB of the organization's data.

On May 4, 2026, the subsequent investigation determined that the compromised files contained personal information belonging to affected individuals. The information compromised included both personally identifiable information and protected health information such as names, addresses, government-issued ID numbers, Social Security numbers, credit and debit card numbers, driver's license numbers, financial account information and medical records.

SunSource began notifying affected consumers on June 16, 2026. 2,142 Texas residents and 193 Massachusetts residents were impacted as a result of the breach.

SunSource's response to the breach

SunSource is offering affected individuals a complimentary two-year membership of identity monitoring services through Kroll. Affected individuals can enroll by visiting Kroll's enrollment site and entering the unique membership number included in their notification letter. Enrollment must be completed by the deadline printed in each person's letter.

SunSource has also set up a dedicated call center to answer questions. The call center is available from 8 a.m. to 5:30 p.m. Central Time, Monday through Friday, excluding major U.S. holidays.