.png)
IMDataCenter Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the IMDataCenter data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About IMDataCenter
IMDataCenter is a Florida-based division of Brooks Integrated Marketing, specializing in data improvement and management services for marketing purposes. The company operates a large-scale marketing data platform and provides services such as identity resolution, phone and email appending, and integrated marketing solutions for clients in various industries.
IMDataCenter manages a data library that reportedly includes details on more than 260 million individuals, 130 million households, 600 million emails and 550 million phone numbers. Founded in 2009, the company provides data-driven solutions to businesses, healthcare providers, universities and political campaigns.
What happened?
In July 2025, IMDataCenter experienced a massive data breach after a misconfigured Amazon Web Services (AWS) storage bucket exposed sensitive information online. The exposed database, totaling approximately 38GB, was left accessible without password protection or encryption.
During the time the AWS storage bucket was vulnerable, at least one hacker was able to access and download the unprotected files. A hacker known as ThinkingOne, claimed to have downloaded around 40GB of data, which expanded to roughly 75GB when uncompressed.
According to reports, the data breach affected at least 10,820 records and included information from both individuals and client companies. Some hacked files referenced client organizations such as airlines, healthcare providers, universities and car dealerships.
Exposed Information
- Name
- Physical address
- Phone number
- Email address
- Social Security number
- Date of birth
- Lifestyle information
- Home or vehicle ownership information
Following the breach, companies that used IMDataCenter’s services, including Apex Class Action, began notifying affected individuals.
Your Rights and Next Steps
If you received a notice about the IMDataCenter data breach or believe your information may have been involved, you have important rights and options. You may be entitled to seek compensation for any harm or inconvenience caused by this cybersecurity incident.
- Communication and credit monitoring services: Review and save any notification letters you receive. Enroll in free credit monitoring and identity protection services, if offered.
- Monitor your accounts carefully: Check your financial statements regularly for suspicious activity or unauthorized transactions. If you notice anything unusual, contact your financial institution immediately.
- Fraud alert and credit reports: A fraud alert informs creditors to take extra steps to verify your identity before opening new accounts in your name. Consumers are also entitled to one free credit report annually from each credit bureau. You can request a fraud alert or a credit report by contacting any one of the three major credit bureaus.
- Seek legal help: Lawyers are ready to help you understand your rights and pursue compensation.
You May Be Entitled to Compensation
If your personal information was exposed in the IMDataCenter data breach, you may be eligible for compensation, which could include reimbursement for out-of-pocket expenses, time spent addressing the breach, or payment for emotional distress.
Data breach laws provide protections and remedies for individuals whose sensitive information is compromised due to a company’s failure to safeguard data. To find out if you qualify and to join a lawsuit, complete the form below.
.svg)