VCA Animal Hospitals has notified individuals that an incident occurring on June 19, 2026 involved some of their personal information, including their name and bank account details. The veterinary care company, now part of Mars Veterinary Health, is offering complimentary credit monitoring to affected individuals as a precaution. Businesses that collect banking information from clients or employees have a responsibility to protect that data from unauthorized access, given how directly it can be used to cause financial harm.
VCA Animal Hospitals’s Data Breach Investigation
According to the notification letter sent to affected individuals, VCA Animal Hospitals experienced an incident on June 19, 2026 that involved some of the personal information the company maintains. Following an investigation, VCA determined that the types of personal information involved included individuals’ names and bank account details. The company states it is unaware of any instances since the incident occurred in which the exposed information has been misused, but is nonetheless offering twelve months of complimentary Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score services through Cyberscout, a TransUnion company. The letter does not disclose the cause of the incident, such as whether it involved a phishing attack, a compromised vendor system, or unauthorized internal access, and that information is not publicly available at this time.
The exposure of bank account details specifically, rather than only names or general contact information, raises a more immediate financial risk than many other categories of breached data, since bank account numbers can potentially be used for unauthorized withdrawals or fraudulent transfers if combined with other identifying information. This makes it especially important for affected individuals to monitor their bank statements closely in the weeks following notification, not just their credit reports, since traditional credit monitoring services are generally designed to catch new credit accounts being opened rather than unauthorized activity on an existing bank account.
Veterinary and animal care companies, like many healthcare-adjacent businesses, routinely collect payment information from clients as part of processing invoices for services rendered, which means a breach at a company like VCA can expose the same categories of sensitive financial data that a breach at a traditional bank or retailer might, even though clients may not think of a veterinary visit as a high-risk transaction from a data security standpoint. As with other service providers that handle recurring billing relationships, the volume of stored payment information accumulated over years of client visits can make a single breach far more consequential than one exposed transaction would suggest.
Under Massachusetts law, individuals who are victims of identity theft resulting from a breach like this one have the right to obtain a copy of any police report filed in connection with the incident, which can be an important step in disputing fraudulent charges or accounts with banks and credit bureaus. Anyone who notices unfamiliar activity on their bank statements or credit accounts following this notification should act quickly, since financial institutions often have limited windows for disputing unauthorized transactions.
When Did This Breach Occur?
VCA Animal Hospitals states that the incident affecting personal information occurred on June 19, 2026. The notification letter does not specify the date the incident was discovered or when the investigation concluded.
What Information Was Breached?
According to VCA’s investigation, the personal information involved in this incident included affected individuals’ names and bank account details.
What You Can Do
VCA Animal Hospitals is offering twelve months of complimentary Single Bureau Credit Monitoring, Credit Report, and Credit Score services through Cyberscout. Recipients of the notification letter can:
- Enroll in the complimentary credit monitoring service using the activation code provided in their letter before the January 12, 2027 deadline
- Closely monitor bank account statements for unauthorized withdrawals or transfers
- Contact their bank immediately if they notice any unfamiliar account activity
- Place a fraud alert or security freeze with Equifax, Experian, and TransUnion
- Request a free credit report at annualcreditreport.com and review it for discrepancies
File a Data Breach Lawsuit Against VCA Animal Hospitals
If you received a notification letter from VCA Animal Hospitals about this data breach, you may have legal options, particularly given the exposure of sensitive bank account details.
Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.