Lockton Data Breach Affects Over One Million Americans: SSNs Exposed

Published
March 24, 2025
Updated
April 14, 2025
Lockton Data Breach Affects Over One Million Americans: SSNs Exposed
Lockton
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

Lockton

data breach?

Join the Lawsuit

It's free to join. 

On February 5, 2025, Southeast Series of Lockton Companies, LLC ("Lockton") discovered a significant data breach involving unauthorized access to sensitive personal information of 1,055,380 people in the United States. The breach occurred on November 20, 2024, when Lockton identified suspicious activity on one of its internal computers.

An investigation revealed that an unauthorized party accessed a single individual account and computer within Lockton's environment, obtaining certain files containing personal consumer data. Lockton then conducted an extensive review of the compromised files to identify affected individuals. The review concluded on February 5, 2025, confirming that personal information of numerous individuals was exposed.

Information Exposed:

  • Full names
  • Addresses
  • Social Security numbers
  • Medical information
  • Health insurance information
  • Dates of birth

Individuals affected by region:

  • United States: 1,055,380 residents
  • Texas: 102,586 individuals (up from the original 9,586 figure - updated April 10, 2025)
  • South Carolina: 11,007 individuals
  • Massachusetts: 2 individuals
  • Maine: 1 individual

Lockton began notifying affected consumers on March 7, 2025, via U.S. mail, publication in print media, and postings on the company's website. The company disclosed the breach to multiple state attorney general offices and the U.S. Department of Health and Human Services.

Lockton's Response

Following the data breach, Lockton implemented several measures designed to enhance the security of its systems and data. To support affected individuals, Lockton is offering complimentary 24-month memberships to Experian IdentityWorks, an identity protection service. This service provides identity theft detection, credit monitoring, identity restoration support, and up to $1 million in identity theft insurance. Affected consumers must enroll by June 30, 2025, to take advantage of this offer.

Lockton encourages individuals impacted by this breach to take proactive steps to protect their personal information. Consumers should closely monitor their credit reports and financial account statements for unauthorized activity. Individuals can request free annual credit reports from the three major credit bureaus (Equifax, Experian, and TransUnion) at AnnualCreditReport.com.

Additionally, consumers may consider placing a security freeze or fraud alert on their credit files to prevent new accounts from being opened in their names without consent. For detailed information on how to place a security freeze or fraud alert, affected individuals can refer to Lockton's official notice, available in PDF format at the bottom of this article.

For further assistance or questions about this data breach, consumers can contact Lockton's dedicated support line provided in their notification letters.

About Southeast Series of Lockton Companies

Southeast Series of Lockton Companies, LLC is a regional division of Lockton Companies, a global insurance brokerage and risk management firm. Founded in 1966 by Jack Lockton and headquartered in Kansas City, Missouri, Lockton Companies is the world's largest privately held insurance brokerage firm. The company operates over 130 offices worldwide, serves clients in more than 140 countries, and employs over 10,750 associates globally. In fiscal year 2023, Lockton Companies generated global revenues of $3.1 billion.

The Southeast Series division specifically serves clients in the southeastern United States, with offices in cities such as Atlanta, Charlotte, Birmingham, and Tampa.

Additional Information and Resources

For more details about this breach, consumers can review official disclosures filed with various state attorney general offices and the U.S. Department of Health and Human Services:

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Affected Entity
Lockton
Consumers Notification date
March 07, 2025
Date of Breach
November 20, 2024
Breach Discovered Date
February 05, 2025
Total People Affected
Information Types Exposed
  • Name of individual
  • Address
  • Social Security Number Information
  • Medical Information
  • Health Insurance Information
  • Date of Birth
  • Names
  • Driver's license numbers
  • Financial account information
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image