.png)
Trusteed Plans Service Corp Data Breach Affects 19k People: SSNs Exposed
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info
Trusteed Plans Service Corporation (TPSC), a third-party administrator specializing in employee benefit plan administration, experienced a major data breach. On Dec. 26, 2024, the company identified suspicious activity within its internal network. An investigation determined that a cybercriminal gained access and obtained sensitive data from the TPSC computer environment.
A review was completed on Aug. 7, 2025 and revealed that both personally identifiable information (PII) and protected health information (PHI) were exposed. A total of 19,775 in the United States have been impacted. Compromised information included names, addresses, dates birth, Social Security numbers, health insurance information, medical treatment information, medical diagnosis information, medical procedure information, Medicare/Medicaid numbers.
The breach was officially disclosed to the various state agencies including the California Attorney General, Maine Attorney General, Montana Attorney General, Massachusetts Attorney General, Washington Attorney General and Oregon Attorney General office beginning on Sept. 15, 2025.
The Dept. of Health & Human Services was also notified on Sept. 17th. The cybersecurity incident was reported to the New Hampshire Attorney General on Sept. 22, 2025.
Trusteed Plans Service Corporation began notifying impacted individuals by mail on Sept. 15, 2025. Affected individuals includes 13,659 Washington residents, 112 in Montana, four in Maine and 10 Massachusetts residents..
Trusteed Plans Service Corporation's response
In response to the breach, TPSC disconnected network access, changed administrative credentials and restored operations in a safe and secure mode. The company is also providing impacted individuals 12 months of free cyber monitoring services through HaystackID, a company specializing in fraud assistance and remediation. Similar services are being offered to minors and estates of deceased individuals whose information was compromised in the cybersecurity incident.
If you receive a data breach notice from Trusted Plans Service Corporation, your employer or your insurer, you may want to:
- Sign up for the free cyber monitoring services, provided by the company.
- Monitor your credit reports and financial accounts for any unusual activity.
- Be alert for phishing emails or phone calls that may use your exposed information.
- Consider placing a fraud alert or credit freeze with major credit bureaus.
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)