Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.
Class Action U Logo
Check Your Eligibility

National Center for Construction Education & Research Data Breach

National Center for Construction Education & Research disclosed a data breach after cybercriminals linked to the Quilin ransomware group gained unauthorized access to its systems and exfiltrated files containing sensitive personal information. The breach exposed Social Security numbers and affected residents across multiple states, including Maine. NCCER has offered credit monitoring and identity protection services to impacted individuals, while consumers may also wish to explore their legal options related to the incident.

Check Your Eligibility
National Center for Construction Education & Research
Date of Breach: March 21, 2025
CAU logo

Who was affected:

Clients of National Center for Construction Education & Research

Impacted Data:

Full names

Social Security numbers

Check Your Eligibility

National Center for Construction Education & Research (NCCER) disclosed a data breach after cybercriminals gained unauthorized access to its network and exfiltrated sensitive files. The incident exposed personal information, including Social Security numbers, and impacted individuals across multiple states.

National Center for Construction Education & Research’s Data Breach Investigation

National Center for Construction Education & Research (“NCCER”) recently disclosed a cybersecurity incident involving unauthorized access to its internal network. NCCER is a Florida-based nonprofit organization that provides standardized training, assessments, and credentialing programs for workers in the construction industry. According to the company’s notice filed with the Maine Attorney General, the organization became aware of suspicious activity on March 21, 2025.

After discovering the incident, NCCER reportedly took immediate steps to investigate and contain the breach. The organization temporarily took systems offline while it worked with outside legal counsel and cybersecurity forensic specialists to determine the nature and scope of the attack. Investigators later concluded that cybercriminals had successfully exfiltrated files from NCCER’s network without authorization. The threat actor identified in the filing was the Quilin ransomware group.

As part of the response process, NCCER launched a detailed review to determine what information may have been exposed and which individuals were affected. The organization engaged a data review team around June 20, 2025, to analyze the compromised files and identify impacted consumers. According to the filing, the data mining review process continued through March 2026 due to the volume and complexity of the materials involved.

NCCER also conducted a supplemental review to classify data subjects and verify the identities of affected individuals before issuing notifications. That review reportedly concluded around April 12, 2026. The organization then performed an address verification process to ensure notices could be mailed directly to impacted individuals.

The company began notifying affected individuals on a rolling basis starting April 27, 2026. Maine residents received written notification letters on May 1, May 15, and May 21, 2026. According to the notice, at least twenty-four Maine residents were affected by the breach.

The breach notification letter explained that the attackers may have acquired sensitive personal data belonging to affected individuals. NCCER stated that, at the time notices were sent, there was no evidence indicating misuse of the exposed information for identity theft or fraud. However, the organization acknowledged that personal information had been accessed by unauthorized actors.

The incident is particularly concerning because the compromised information included Social Security numbers. Exposure of Social Security numbers can create long-term risks for affected individuals, including identity theft, fraudulent tax filings, unauthorized financial activity, and credit fraud. Cybercriminals frequently target this type of information because it can be used to open accounts, apply for loans, or commit other forms of financial fraud in another person’s name.

In response to the incident, NCCER stated that it implemented additional security measures, reset account passwords, and worked to strengthen its systems against future attacks. The organization also reported the matter to federal law enforcement authorities.

To assist affected individuals, NCCER is offering twelve months of complimentary credit monitoring and identity protection services through Cyberscout, a TransUnion company. The services include single-bureau credit monitoring, dark web monitoring, identity theft recovery assistance, and access to a professional call center for fraud support services.

Data breaches involving Social Security numbers can leave victims vulnerable long after the initial cyberattack. Even if fraud is not immediately detected, stolen personal information may later appear for sale on dark web marketplaces or be used in future scams. Consumers impacted by breaches often face ongoing concerns about financial security, identity misuse, and privacy violations.

As data breach lawsuits continue to increase nationwide, organizations that collect and store sensitive consumer information may face legal scrutiny regarding whether reasonable cybersecurity safeguards were in place before an attack occurred. Individuals affected by the NCCER breach may wish to learn more about their legal rights and whether compensation could be available for damages related to the exposure of their personal information.

When Did This Breach Occur?

NCCER became aware of unauthorized activity on its network on March 21, 2025. The organization later determined that files had been exfiltrated during the cyberattack.

The company’s data review process began around June 20, 2025, and concluded in March 2026, with supplemental review completed around April 12, 2026. Affected individuals began receiving notification letters starting on April 27, 2026, with Maine residents notified on May 1, May 15, and May 21, 2026.

What Information Was Breached?

According to NCCER’s notice, the following types of personal information were potentially exposed in the data breach:

  • Full names
  • Social Security numbers
  • Other personally identifiable information contained in compromised files

What You Can Do

If you received a data breach notification from NCCER, there are several important steps you may consider taking to help protect yourself from identity theft and fraud.

First, monitor your financial accounts, credit reports, and insurance statements for suspicious activity. Unauthorized transactions or unfamiliar accounts could indicate misuse of your information. You may also consider placing a fraud alert or security freeze on your credit files with the major credit reporting agencies.

NCCER is offering complimentary credit monitoring and identity protection services through Cyberscout. Individuals who received notification letters should review enrollment instructions carefully and activate the services before the deadline listed in the notice.

It is also important to remain cautious of phishing emails, phone scams, or suspicious messages that reference the breach. Cybercriminals often use publicly reported incidents to target affected consumers with fraudulent communications designed to steal additional information.

Many people affected by data breaches do not realize they may have legal rights. Data breach lawsuits can help consumers pursue compensation for damages related to identity theft risks, financial harm, lost time, and privacy concerns. Learning about your legal options may help you better understand what protections and remedies may be available.

File a Data Breach Lawsuit Against National Center for Construction Education & Research

If you received a data breach notification from National Center for Construction Education & Research, you may be eligible to pursue compensation through a data breach lawsuit.

Companies and organizations that collect sensitive personal information may have a responsibility to implement reasonable cybersecurity protections to safeguard consumer data. When Social Security numbers and other sensitive information are exposed in a cyberattack, affected individuals can face serious risks involving fraud, identity theft, and long-term financial harm.

A class action lawsuit may help impacted individuals recover compensation for out-of-pocket expenses, lost time, identity protection costs, and other damages associated with the breach. In some cases, lawsuits may also encourage organizations to strengthen their cybersecurity practices to better protect consumer information in the future.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

VIEW PDF
Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
C.N. Wood Co Data Breach
Date of Breach: August 2025
Nottingham Village Data Breach
Date of Breach: November 9, 2025
National Center for Construction Education & Research Data Breach
Date of Breach: March 21, 2025
Show More

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.