Alcott HR Data Breach: Social Security Numbers Compromised

Alcott HR, a New York-based human resources outsourcing firm, disclosed a data breach that occurred in February 2025. The total number of individuals affected nationwide was not disclosed, although 103 Rhode Island residents were identified as affected.

On Feb. 12, 2025, Alcott HR noticed unusual activity on some of its systems. The company implemented its incident response protocols and engaged independent computer forensic experts to assist with a thorough investigation.

The investigation determined that an unauthorized user gained access to some of Alcott's systems where personal information was stored. In March 2026, the company completed its review of the affected data and determined which individuals had information that was potentially accessed during the incident.

Alcott states that its human capital management platform, iSolved, which stores employee data such as tax forms, benefits enrollment and banking information, was not affected by the incident.

The types of personally identifiable information exposed included names, Social Security numbers, dates of birth, government ID numbers, financial account codes, credit and debit account info and health records.

The breach was reported to the California Attorney General and to the Vermont Attorney General starting on June 17, 2026. Alcott began sending notification letters to affected individuals dated June 15, 2026.

On Feb. 25, 2025, the ransomware group, PLAY Ransomware, posted on their dark web portal claiming credit for the cyberattack. The group claimed to have obtained organization's database with plans to publish it on March 1, 2025. The grouped claimed to have compromised data that included private and personal confidential data, client documents, budget, payroll, accounting, taxes, IDs and financial information.

Alcott HR's response

Alcott HR is offering affected individuals 24 months of free identity theft protection services through Cyberscout. To enroll, individuals should visit the Cyberscout activation page and enter the unique code included in their notification letter. Enrollment must be completed within 90 days of the date of the letter.

Alcott HR has also set up a dedicated call center for individuals who have questions about the incident. Representatives are available at 1-844-507-4934, Monday through Friday from 8 a.m. to 8 p.m. Eastern time.