ArdyssLife Data Breach Exposes Social Security Numbers

Published
February 12, 2025
Updated
March 16, 2025
ArdyssLife Data Breach Exposes Social Security Numbers
ArdyssLife
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

ArdyssLife

data breach?

Join the Lawsuit

It's free to join. 

On December 9, 2024, ArdyssLife discovered a data breach involving unauthorized access to customer information stored on servers managed by their third-party provider, Epic. The breach occurred between December 8 and December 9, 2024, when an intruder successfully installed malware on the servers, gaining access to sensitive customer data.

The compromised information potentially includes customers' first and last names, addresses, phone numbers, email addresses, Social Security numbers, and dates of birth. Banking information, including credit or debit card details, was not exposed in this incident.

On December 23, 2024, a threat actor with the username "0mid16B" posted claiming responsibility for the breach. The individual alleged possession of a database containing 1.17 million customer records from Ardyss digital and ArdyssLife.

The compromised database reportedly includes customer IDs, full names, emails, phone numbers, addresses, and passwords, totaling approximately 596 GB in size. The threat actor stated that the breach occurred on December 4, 2024, slightly earlier than the company's reported timeline.

The company officially notified affected customers on February 12, 2025. In total, ArdyssLife reported that 42,420 individuals in Texas alone were impacted by this breach, as disclosed on the Texas Attorney General's data security breach reports page. Additionally, the breach was disclosed to the California Attorney General's office on February 12, 2025, as documented in their official data breach disclosure.

ArdyssLife's response

Upon discovering the breach, ArdyssLife immediately engaged cybersecurity experts to remove the malware and secure the affected servers. The company is actively cooperating with federal and state authorities to investigate the breach further.

ArdyssLife advises affected customers to remain vigilant for suspicious activity related to their personal and financial accounts. Customers are encouraged to regularly monitor their financial statements and credit reports for unauthorized transactions or activities and promptly report any suspicious activity to their financial institutions.

Additionally, ArdyssLife recommends customers learn more about identity theft prevention and response by visiting California's privacy website.

Customers seeking further information or assistance can contact ArdyssLife directly via email at service@arydsslife.com.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Affected Entity
ArdyssLife
Consumers Notification date
February 12, 2025
Date of Breach
December 9, 2024
Breach Discovered Date
December 9th, 2024
Total People Affected
Information Types Exposed
  • First and last name
  • Address
  • Phone number
  • Email
  • Social security number
  • Date of Birth
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image