Johnson Controls Data Breach Lawsuit Investigation

Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Johnson Controls data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Johnson Controls
Johnson Controls International plc is a global company specializing in building products and solutions. With a strong focus on fire safety, HVAC (heating, ventilation, and air conditioning), and security equipment, Johnson Controls has established itself as a major player in the mechanical and industrial engineering industry. The company was originally founded in 1885 in the United States and is now headquartered in Cork, Ireland.
Employing around 100,000 people across more than 2,000 locations in 150 countries, Johnson Controls offers a wide range of products and services for smart building technologies. Their solutions are used in diverse sectors such as healthcare, education, airports, and manufacturing. Over the years, Johnson Controls has been recognized for its commitment to sustainability, innovation, and corporate responsibility.
The February 2023 Data Breach
In February 2023, Johnson Controls experienced a data breach that may have affected tens of thousands of individuals. The breach was officially disclosed to the California Attorney General's office on June 30, 2025, and to the Texas and Vermont Attorney General's offices on July 1, 2025. According to reports, at least 38,037 people in Texas alone were impacted.
The following types of consumer information were exposed in this incident:
- Name
- Other (as specified in official notices)
Johnson Controls notified affected individuals by posting information on its website and through U.S. Mail. You can find more details and official disclosures on the Texas Attorney General's website, the California Attorney General's website, the Vermont Attorney General's website, and the Johnson Controls Notice of Data Breach.
Your Rights and Next Steps
If you received a notice from Johnson Controls or believe your information may have been involved, you have important rights. Data breach victims often face increased risks of identity theft, fraud, and privacy violations. You can take several steps to protect yourself:
- Review any communications from Johnson Controls carefully and keep them for your records.
- Monitor your financial accounts and credit reports for any unusual activity.
- Consider placing a fraud alert or security freeze on your credit file.
- Take advantage of any credit monitoring or identity protection services offered.
You also have the right to seek legal recourse. Lawyers are ready to help you understand your options and pursue compensation if your information was compromised. By joining a class action lawsuit, you may be able to recover damages for any harm suffered as a result of the breach.
You May Be Entitled to Compensation
If you were affected by the Johnson Controls data breach, you may be eligible for compensation. Lawyers are ready to help you determine your eligibility and guide you through the process. To get started, complete the below form to join the lawsuit and protect your rights.