TADTS comfirms ransomware attack with data breach notices to 748,763 people

On July 9, 2024, The Alcohol & Drug Testing Service (TADTS) discovered a significant cybersecurity incident that resulted in the unauthorized download of sensitive data from its systems. The breach was extensive, affecting a reported total of 748,763 individuals across the United States. Among those impacted, 3,525 were Texas residents, while two individuals each were affected in Maine and Massachusetts.

The ransomware group, BianLian, claim credit for the attack. BianLian claimed to have 218 gigabytes of their data consisting of financial and HR records, drug test results, and email communications. The group made the announcement on the dark web.

‍

The disclosed types of compromised information included a wide range of personally identifiable information (PII) and protected health information (PHI): names, addresses, Social Security numbers, driver’s license numbers, government-issued ID numbers (such as passport or state ID card numbers), dates of birth, credit or debit card numbers, health insurance information, and financial account numbers.

When TADTS detected suspicious activity on July 9, 2024, they immediately began an investigation. The company confirmed that an unauthorized actor had downloaded data from its systems. The investigation, which involved a professional data mining team, took several months due to the volume of information involved. The review concluded recently, leading to the identification of affected individuals.

The breach was reported to federal law enforcement and disclosed to regulatory authorities in several states. Notices were filed with the Maine Attorney General and the Massachusetts Attorney General on July 17, 2025, followed by the Texas Attorney General and the Vermont Attorney General on July 18, 2025. The New Hampshire AG was notified on the 21st of July.

The company notified affected consumers by U.S. Mail, publication in print media, and postings on its website.

The Alcohol & Drug Testing Service's response

In response to the breach, TADTS acted quickly to contain and remediate the situation. The company reset all passwords, enhanced endpoint detection protocols, and implemented additional monitoring tools to strengthen system security. TADTS also engaged experienced privacy and cybersecurity professionals to assist with the investigation and response.

The company has provided resources to help affected individuals protect their information. These include a toll-free assistance line at 855-361-0328, available Monday through Friday from 8 a.m. to 8 p.m. Central Time, excluding U.S. holidays. The notice to consumers recommends that individuals remain vigilant, monitor their credit reports, review account statements, and report any suspicious activity to financial institutions. Additional resources and guidance, such as information on placing fraud alerts and security freezes with major credit bureaus, are included in the consumer notice.

Given the breadth of the data exposed—including Social Security numbers, financial account information, and health insurance details—affected individuals should take steps to protect themselves from potential identity theft or fraud. Reviewing credit reports regularly, placing fraud alerts, and considering a security freeze are prudent measures in light of the sensitive nature of the information involved.

More information about the company can be found on the TADTS website.