.png)
Ikron Corporation Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the IKRON Corporation data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About IKRON Corporation
IKRON Corporation is a nonprofit human services organization based in Cincinnati, Ohio. Founded in 1969, the organization serves approximately 2,267 adult and youth clients, offering integrated behavioral health and employment services.
IKRON has been accredited by CARF since 1975 and employs nearly 90 people, according to LinkedIn.
What Happened?
On or about Dec. 23, 2025, IKRON Corporation experienced a data security incident that affected its network and operations. In February 2026, IKRON discovered that an unauthorized third party had gained access to certain servers and files, extracting administrative and employment-related information connected to current and former employees.
Then, on or about March 4, IKRON learned that a second unauthorized party had infiltrated its network, accessing the electronic health record environment and extracting client health information, including protected health information and vocational services data.
The incident was reported to law enforcement and the U.S. Department of Health and Human Services on May 4, 2026. The breach affected approximately 11,845 individuals in the United States.
Additionally, a ransomware group known as Exitium claimed responsibility for the attack, stating on March 28, 2026, that they had obtained 278 GB of IKRON's data and intended to publish it on the dark web.
Information Exposed:
- Social Security numbers
- Addresses
- Appointment and billing information
- Appointment information
- Clinical information
- Clinical notes
- Dates of birth
- Diagnoses
- Driver’s license numbers
- Education or work history
- General disability-related information
- Health insurance information
- Information relating to employment or vocational services
- Intake and assessment records
- Intake and enrollment information
- Limited medication information
- Medical history
- Medical record numbers
- Names
- Program participation and service records
- Service-related notes or communications
- Treatment plans
IKRON has taken steps to address the breach, including engaging cybersecurity professionals, isolating affected servers, resetting passwords and offering 12 months of complimentary credit monitoring services to those impacted.
You May Be Entitled to Compensation
If your information was compromised in the IKRON Corporation data breach, you may be eligible to join a class action lawsuit and seek compensation. Lawyers are ready to help you protect your rights and pursue possible financial recovery for the harm caused by the breach.
To find out if you qualify, complete the below form to join the lawsuit investigation.
.svg)