Victory Disability Data Breach Exposes Sensitive Patient Info

Victory Disability, a Pennsylvania-based law firm specializing in Social Security and VA disability claims for veterans, recently experienced a significant data breach that may have involved both personally identifiable information (PII) and protected health information (PHI) of current and former patients, including at least 3,045 residents in Texas, 130 in Massachusetts and 38 in New Hampshire.

In November 2025, Victory Disability became aware of claims that an unauthorized party had obtained information belonging to the firm. The company immediately launched an investigation, working with third-party cybersecurity specialists to determine the scope and impact of the incident.

The investigation revealed that, between Oct. 27 and Nov. 12, 2025, an unknown party accessed a portion of Victory Disability’s systems. During this window, the unauthorized party may have viewed or copied sensitive information stored on the firm’s network.

The types of information exposed includes name, contact information, government-issued ID numbers, Social Security number, date of birth, and health insurance details and sensitive medical information. Beginning on Dec. 12, 2025, the incident was disclosed to the Vermont, New Hampshire, Massachusetts, Texas and California Attorney Generals' offices.

Victory Disability's response

Upon learning of the breach, Victory Disability activated its incident response protocols, secured its environment and notified federal law enforcement authorities. The firm engaged independent cybersecurity experts to assist with the investigation and to monitor for any signs that client information might be circulating on dark web forums or marketplaces.

To help protect affected individuals, Victory Disability is offering complimentary credit monitoring and identity protection services for 24 months.

If you receive notification from Victory Disability or your provider about this breach, you may want to:

• Sign up for the free Cyberscout identity theft protection services, offered by Victory Disability.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For affected individuals with questions, Victory Disability has set up a call center at 877-332-1724, Monday through Friday, 8 a.m. to 8 p.m. CT.