Victory Disability Data Breach Exposes Sensitive Patient Info

Published

December 15, 2025

Updated

December 15, 2025

Victory Disability

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info
Affected information types not yet disclosed

Victory Disability, a Pennsylvania-based law firm specializing in Social Security and VA disability claims for veterans, recently experienced a significant data breach that may affect current and former clients across the United States. While the exact number of affected individuals has not been publicly disclosed, the breach involved both personally identifiable information (PII) and protected health information (PHI).

In November 2025, Victory Disability became aware of claims that an unauthorized party had obtained information belonging to the firm. The company immediately launched an investigation, working with third-party cybersecurity specialists to determine the scope and impact of the incident.

The investigation revealed that, between Oct. 27 and Nov. 12, 2025, an unknown party accessed a portion of Victory Disability’s systems. During this window, the unauthorized party may have viewed or copied sensitive information stored on the firm’s network.

The types of information exposed includes name, contact information, government-issued ID numbers, Social Security number, date of birth, and health insurance details and sensitive medical information. The incident was disclosed to the Vermont and California Attorney Generals' offices on Dec. 12, 2025.

Victory Disability's response

Upon learning of the breach, Victory Disability activated its incident response protocols, secured its environment and notified federal law enforcement authorities. The firm engaged independent cybersecurity experts to assist with the investigation and to monitor for any signs that client information might be circulating on dark web forums or marketplaces.

To help protect affected individuals, Victory Disability is offering complimentary credit monitoring and identity protection services for 24 months.

If you receive notification from Victory Disability or your provider about this breach, you may want to:

Sign up for the free Epiq identity theft protection services, offered by Victory Disability.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

For affected individuals with questions, Victory Disability has set up a call center at 877-332-1724, Monday through Friday, 8 a.m. to 8 p.m. CT.