Yellow Corporation Data Breach Impacts 13k: PHI and PII Exposed

Published
July 2, 2026
Updated
July 2, 2026
Yellow Corporation Data Breach Impacts 13k: PHI and PII Exposed
Yellow Corporation

Yellow Corp. and its affiliated debtors disclosed a data breach that occurred on March 27, 2025. The company and its affiliates are currently operating as debtors-in-possession under jointly administered Chapter 11 bankruptcy cases (Case No. 23-11069) filed in the U.S. Bankruptcy Court for the District of Delaware.

On or about March 27, 2025, Yellow identified suspicious activity on its computer network. In response, the company launched an investigation with the assistance of third-party cybersecurity specialists.

During the investigation, Yellow determined that certain files on its computer network were accessed and exfiltrated without authorization on March 27, 2025. After identifying the specific files that were involved, the company conducted a review to determine what personal information was contained in them and to identify the individuals whose data was affected.

The review found that the exposed information may include names, Social Security numbers, dates of birth, driver's license or state identification card numbers, passport numbers, other government-issued identification card numbers, financial account numbers, payment card numbers, medical information and health insurance information.

The breach affected 13,183 Texas residents, 491 Massachusetts residents and 37 Vermont residents. The company reported the incident the California Attorney General and posted a notice on its website.

According to the company's notification, the substantial majority of the people whose information was affected were former Yellow employees.

Yellow Corp.'s response to the breach

Yellow is providing free resources and guidance to affected individuals. According to the company's notice, these resources include instructions on how to access free annual credit reports, how to place fraud alerts and how to set up credit freezes with the three major credit reporting bureaus.

The company encouraged individuals to remain vigilant against identity theft and fraud. Yellow recommended that people review their account statements, monitor their credit reports for suspicious activity and promptly report any unusual transactions to their credit card company, bank, healthcare provider or insurance company.

Yellow has set up a dedicated toll-free assistance line at 833-289-4340 with agents ready to answer questions, available Monday through Friday from 9 a.m. to 9 p.m. EST, excluding U.S. holidays. Affected individuals may also write to Yellow Corp. at 11500 Outlook St., Suite 400, Overland Park, KS 66211.

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Affected Entity
Yellow Corporation
Consumers Notification date
Date of Breach
March 27, 2025
Breach Discovered Date
Total People Affected
Information Types Exposed
  • Name of individual
  • Social Security Number Information
  • Driver’s License number
  • Government-issued ID number (e.g. passport, Social Security number, credit or debit card number)
  • Medical Information
  • Health Insurance Information
  • Date of
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image