TCM Data Breach Exposes SSNs and Affects Thousands

In July 2024, The Computer Merchant Ltd. (TCM), a major IT staffing and services firm, discovered a data breach impacting at least 34,127 individuals. In Jan. 2025, the company learned that the hackers made the stolen data from the incident publicly available.

An investigation took place and by May 2025, The Computer Merchant determined that personal information had been compromised in the data breach. Exposed information included names and Social Security numbers and possibly other personal information.

The Computer Merchant began notifying impacted individuals by mail on Aug. 19, 2025. The data breach was disclosed to the California, New Hampshire, Massachusetts, Texas and Maine Attorney Generals' offices on Aug. 21, 2025.

Of the 34,127 individuals compromised, 4,057 reside in Massachusetts, 2,981 are Texas residents, 261 reside in Maine. 433 in Rhode Island, and 366 in New Hampshire. The breach is considered severe, due to the length of time the exposed personal data went undiscovered.

The Computer Merchant’s response

In addition to required state and federal disclosures, The Computer Merchant is offering free IDX credit monitoring and identity theft protection services to affected individuals. Individuals must enroll by Nov. 19, 2025.

If you receive a letter from The Computer Merchant about this breach, you may want to:

• Sign up for the free IDX identity theft protection services, offered by TCM.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For more information about TCM, visit The Computer Merchant’s official website.