Crossroads Trading Data Breach Exposes Social Security Numbers

On February 15, 2025, Crossroads Trading Co., Inc. experienced a significant data breach when an unauthorized third party gained access to the company's server and encrypted sensitive data stored on its network. Immediately after discovering the breach, Crossroads Trading's IT team responded swiftly, securing the network, restoring systems, and preventing further unauthorized access.

A thorough forensic investigation confirmed that the unauthorized access was limited to a specific segment of the company's network. However, the attacker, identified as the ransomware group Qilin, claimed responsibility for the incident. On February 21, 2025, the Qilin group posted on the dark web, stating they had obtained Crossroads Trading Company's data and threatened to make it available for download on February 27, 2025. They also provided sample screenshots of the stolen data on their dark web portal.

The compromised data included personally identifiable information (PII) of affected individuals, specifically names, Social Security numbers, driver's license numbers, and other government-issued identification numbers such as passports or state ID cards. The company reported that 1,525 residents of Texas and 32 residents of New Hampshire were affected by the breach.

Crossroads Trading Co., Inc. formally disclosed the breach to the New Hampshire Attorney General's office on March 25, 2025, and to the Texas Attorney General's office on March 26, 2025. You can review the official disclosure on the Texas Attorney General's data security breach reports page and on the New Hampshire Attorney General's website.

Crossroads Trading's response

Following the breach, Crossroads Trading retained cybersecurity experts to investigate the incident thoroughly and engaged a cyberthreat firm to prevent the encrypted data from being published, distributed, or misused. They also proactively contacted the Federal Bureau of Investigation (FBI) and cooperated fully with their investigation.

On February 26th, Crossroads Trading notified its employees of the incident via email as a proactive measure. On March 25, 2025, the company began notifying all potentially impacted individuals by U.S. mail. Crossroads Trading has offered affected individuals complimentary identity theft protection services through Experian's IdentityWorks program. This service includes credit monitoring, identity restoration assistance, daily credit reports, and $1 million in identity theft insurance coverage.

If you received a notification from Crossroads Trading, it is recommended that you enroll in the IdentityWorks program promptly, review your credit reports regularly, and closely monitor your financial accounts for any suspicious activity. Additionally, you may consider placing a fraud alert or security freeze on your credit file to further protect yourself from potential identity theft or fraud.

For more details, visit the Crossroads Trading Co., Inc. website.