.png)
LKQ Corporation Data Breach Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the LKQ Corporation data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About LKQ Corporation
LKQ Corporation is a major global distributor of alternative and specialty auto parts, focusing on the repair and accessorizing of automobiles and other vehicles.
Founded in 1998, the company has expanded rapidly through a series of acquisitions and now operates over 500 facilities worldwide. With a workforce of thousands, LKQ Corporation supplies replacement systems, components, and parts to repair and customize cars, trucks and recreational vehicles.
What happened?
In early October 2025, LKQ Corporation discovered a cybersecurity incident involving its Oracle E-Business Suite application. On Oct. 3, 2025, LKQ’s security team became aware that a third party was exploiting newly announced vulnerabilities in Oracle’s software.
The company quickly launched an investigation with the help of a third-party forensic firm and took the affected system offline to contain the breach. After analyzing the affected data, LKQ found that sensitive personal information belonging to certain individuals had been exposed. The breach was publicly disclosed to authorities in December 2025.
Notably, the CL0P ransomware group claimed responsibility for the attack and posted about the breach on the dark web on Oct. 22, 2025.
Information Exposed
- Name of individual
- Address
- Social Security number
- Employer Identification Number
- Other information related to sole proprietor suppliers
The breach affected at least 9,070 people in the United States, including 1,119 in Texas, 189 in Massachusetts, 27 in New Hampshire and 31 in Maine. LKQ began notifying affected individuals by U.S. Mail on Dec. 15, 2025.
Your Rights and Next Steps
If you received a notice from LKQ Corporation regarding this data breach, it is important to know your rights and take action to protect yourself. LKQ is offering two years of complimentary credit monitoring and identity restoration services through Cyberscout, a TransUnion company. Affected individuals are encouraged to enroll in these services by March 31, 2026.
Potential Next Steps:
- Communication and credit monitoring services: Review and save any notification letters you receive. Enroll in free credit monitoring and identity protection services, if offered.
- Monitor your accounts carefully: Check your financial statements regularly for suspicious activity or unauthorized transactions. If you notice anything unusual, contact your financial institution immediately.
- Fraud alert and credit reports: A fraud alert informs creditors to take extra steps to verify your identity before opening new accounts in your name. Consumers are also entitled to one free credit report annually from each credit bureau. You can request a fraud alert or a credit report by contacting any one of the three major credit bureaus.
- Seek legal help: Lawyers are ready to help you understand your rights and pursue compensation.
You May Be Entitled to Compensation
If your personal information was exposed in the LKQ Corporation data breach, you may be eligible for compensation, which could include reimbursement for out-of-pocket expenses, time spent addressing the breach, or payment for emotional distress.
Data breach laws provide protections and remedies for individuals whose sensitive information is compromised due to a company’s failure to safeguard data. To find out if you qualify and to join a lawsuit, complete the form below.
.svg)