Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.

VCA Animal Hospitals Data Breach

VCA Animal Hospitals notified individuals that an incident on June 19, 2026 exposed their names and bank account details, and is offering 12 months of free credit monitoring through Cyberscout.

VCA Animal Hospitals
Date of Breach: June 19, 2026
CAU logo

Who was affected:

Clients of VCA Animal Hospitals

Impacted Data:

Names and bank account details

VCA Animal Hospitals has notified individuals that an incident occurring on June 19, 2026 involved some of their personal information, including their name and bank account details. The veterinary care company, now part of Mars Veterinary Health, is offering complimentary credit monitoring to affected individuals as a precaution. Businesses that collect banking information from clients or employees have a responsibility to protect that data from unauthorized access, given how directly it can be used to cause financial harm.

VCA Animal Hospitals’s Data Breach Investigation

According to the notification letter sent to affected individuals, VCA Animal Hospitals experienced an incident on June 19, 2026 that involved some of the personal information the company maintains. Following an investigation, VCA determined that the types of personal information involved included individuals’ names and bank account details. The company states it is unaware of any instances since the incident occurred in which the exposed information has been misused, but is nonetheless offering twelve months of complimentary Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score services through Cyberscout, a TransUnion company. The letter does not disclose the cause of the incident, such as whether it involved a phishing attack, a compromised vendor system, or unauthorized internal access, and that information is not publicly available at this time.

The exposure of bank account details specifically, rather than only names or general contact information, raises a more immediate financial risk than many other categories of breached data, since bank account numbers can potentially be used for unauthorized withdrawals or fraudulent transfers if combined with other identifying information. This makes it especially important for affected individuals to monitor their bank statements closely in the weeks following notification, not just their credit reports, since traditional credit monitoring services are generally designed to catch new credit accounts being opened rather than unauthorized activity on an existing bank account.

Veterinary and animal care companies, like many healthcare-adjacent businesses, routinely collect payment information from clients as part of processing invoices for services rendered, which means a breach at a company like VCA can expose the same categories of sensitive financial data that a breach at a traditional bank or retailer might, even though clients may not think of a veterinary visit as a high-risk transaction from a data security standpoint. As with other service providers that handle recurring billing relationships, the volume of stored payment information accumulated over years of client visits can make a single breach far more consequential than one exposed transaction would suggest.

Under Massachusetts law, individuals who are victims of identity theft resulting from a breach like this one have the right to obtain a copy of any police report filed in connection with the incident, which can be an important step in disputing fraudulent charges or accounts with banks and credit bureaus. Anyone who notices unfamiliar activity on their bank statements or credit accounts following this notification should act quickly, since financial institutions often have limited windows for disputing unauthorized transactions.

When Did This Breach Occur?

VCA Animal Hospitals states that the incident affecting personal information occurred on June 19, 2026. The notification letter does not specify the date the incident was discovered or when the investigation concluded.

What Information Was Breached?

According to VCA’s investigation, the personal information involved in this incident included affected individuals’ names and bank account details.

What You Can Do

VCA Animal Hospitals is offering twelve months of complimentary Single Bureau Credit Monitoring, Credit Report, and Credit Score services through Cyberscout. Recipients of the notification letter can:

  • Enroll in the complimentary credit monitoring service using the activation code provided in their letter before the January 12, 2027 deadline
  • Closely monitor bank account statements for unauthorized withdrawals or transfers
  • Contact their bank immediately if they notice any unfamiliar account activity
  • Place a fraud alert or security freeze with Equifax, Experian, and TransUnion
  • Request a free credit report at annualcreditreport.com and review it for discrepancies

File a Data Breach Lawsuit Against VCA Animal Hospitals

If you received a notification letter from VCA Animal Hospitals about this data breach, you may have legal options, particularly given the exposure of sensitive bank account details.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Date of Breach: November 24-26, 2025 (discovered November 26, 2025; notification sent July 8, 2026)
Date of Breach: August 22, 2024
Date of Breach: January 31, 2025
Related News

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.