.png)
ARC Community Services Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the ARC Community Services data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About ARC Community Services
ARC Community Services is a nonprofit organization based in Madison, Wisconsin. Since 1976, ARC Community Services has provided community-based support services for women and children, including counseling, parental guidance, treatment programs for pregnant and postpartum women, education support services, case management and health assistance.
The organization operates several facilities in Wisconsin, including three residential facilities in Madison and one in Fond du Lac, as well as eight outpatient treatment centers. ARC Community Services focuses on helping women offenders and their families through both inpatient and outpatient substance abuse treatment programs. The organization’s work often involves collecting and maintaining sensitive personal and health information as part of its services.
What happened?
In November 2024, ARC Community Services discovered unauthorized activity in its computer network. On Nov. 4, 2024, the organization detected a ransomware attack by a group known as INC RANSOM. Immediate action was taken, including taking systems offline and engaging cybersecurity specialists to investigate and remediate the incident.
The investigation revealed that files containing protected health information were taken from ARC Community Services’ network. The breach exposed different types of information for different individuals.
Information Potentially Exposed
- Social Security numbers
- Contact information (such as first and last name and address)
- Dates of birth
- Medical record numbers
- Health information
- Driver’s license numbers
- Financial account information
The company posted a Notice of Data Breach on its website, and disclosed the cybersecurity incident to the New Hampshire Attorney General's office on Dec. 4, 2025.
Your Rights and Next Steps
If you received a notice about the ARC Community Services data breach or believe your information may have been involved, you have important rights and options. You may be entitled to seek compensation for any harm or inconvenience caused by this cybersecurity incident.
- Communication and credit monitoring services: Review and save any notification letters you receive. Enroll in free credit monitoring and identity protection services, if offered.
- Monitor your accounts carefully: Check your financial statements regularly for suspicious activity or unauthorized transactions. If you notice anything unusual, contact your financial institution immediately.
- Fraud alert and credit reports: A fraud alert informs creditors to take extra steps to verify your identity before opening new accounts in your name. Consumers are also entitled to one free credit report annually from each credit bureau. You can request a fraud alert or a credit report by contacting any one of the three major credit bureaus.
- Seek legal help: Lawyers are ready to help you understand your rights and pursue compensation.
You May Be Entitled to Compensation
If you received a notice about this data breach or believe your information may have been involved, you may be eligible for compensation, which could include reimbursement for out-of-pocket expenses, time spent addressing the breach, or payment for emotional distress.
Data breach laws provide protections and remedies for individuals whose sensitive information is compromised due to a company’s failure to safeguard data. To find out if you qualify and to join a lawsuit, complete the form below.
.svg)