Monro, Inc. Data Breach Exposes SSNs, Affecting Thousands Across the US

Published
March 26, 2025
Updated
April 14, 2025
Monro, Inc. Data Breach Exposes SSNs, Affecting Thousands Across the US
MONRO Auto Service and Tire Centers
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

MONRO Auto Service and Tire Centers

data breach?

Join the Lawsuit

It's free to join. 

In late 2024, Monro, Inc. discovered suspicious activity involving an employee's email. Upon noticing this unusual activity, the company immediately began an investigation. The investigation revealed that between November 21, 2024, and a limited period thereafter, an unauthorized individual accessed the employee's email account and selected files within it.

The company conducted a thorough review of the affected mailbox, which concluded around January 28, 2025. This review determined that the data breach potentially exposed sensitive personally identifiable information (PII) and certain protected health information (PHI) of 112,458 Americans.

Information Exposed:

  • Names
  • Social Security numbers
  • Addresses
  • Dates of birth
  • ID numbers
  • Certain health information
  • Accident history

Monro, Inc. reported this data breach to several state attorneys general offices, including California, South Carolina, and New Hampshire.

Impact by State:

  • Massachusetts: 5,026 residents
  • South Carolina: 2,821 residents
  • New Hampshire: 2,643 residents
  • Rhode Island: 975 residents

Monro, Inc.'s Response

In response to this breach, Monro, Inc. took immediate steps to secure its internal systems and prevent further unauthorized access. These actions included changing passwords, modifying internal email settings and controls, and enhancing employee training to increase awareness and prevent future incidents.

Monro, Inc. is providing affected individuals with complimentary access to Experian IdentityWorks for 12 months. This service includes identity restoration assistance, credit monitoring, and identity theft insurance coverage. Individuals affected by the breach are encouraged to enroll in this service by May 30, 2025, using the activation instructions provided in the notification letter.

Additionally, Monro, Inc. advises all potentially affected individuals to remain vigilant by regularly reviewing bank accounts, credit card statements, and credit reports for any unauthorized activities. The company recommends promptly reporting any suspicious activity or suspected identity theft to local law enforcement, the Federal Trade Commission (FTC), state Attorney General offices, and financial institutions. Individuals can also place fraud alerts or security freezes on their credit files by contacting one of the three major credit reporting agencies: Equifax, Experian, or TransUnion.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Consumers Notification date
March 21, 2025,
Date of Breach
November 21, 2024
Breach Discovered Date
November 29, 2024
Total People Affected
112458
Information Types Exposed
  • social security numbers
  • Medical Records
  • Financial Account
  • Credit/Debit Numbers
  • name
  • address
  • date of birth
  • ID number
  • certain health information
  • accident history
  • information_types missing

-

CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image