D.B. Root & Company, LLC (“DBR & CO”) disclosed a cybersecurity incident involving unauthorized access to its email systems on November 12, 2025. The breach potentially exposed sensitive personal information of seven New Hampshire residents, including Social Security numbers and account information.
D.B. Root & Company, LLC’s Data Breach Investigation
On November 12, 2025, DBR & CO discovered unauthorized access to its email systems. The company immediately engaged external cybersecurity professionals to investigate the incident, determine the scope of unauthorized access, and assess whether sensitive personal information was compromised.
After a thorough forensic investigation and manual document review, DBR & CO determined on May 13, 2026, that some emails potentially removed by an unauthorized actor on or around November 11, 2025, contained personal information. The compromised data included full names, Social Security numbers, and account information of affected individuals.
DBR & CO took prompt action to notify affected individuals, beginning May 27, 2026, in writing. Residents whose Social Security numbers were impacted were offered complimentary credit monitoring services. The company also provided contact information for the FTC and major credit reporting agencies.
The company emphasized its commitment to safeguarding personal information and continues to evaluate and enhance its privacy and security measures to prevent future incidents.
When Did This Breach Occur?
The email system breach occurred on November 12, 2025, with unauthorized access occurring on or around November 11, 2025. The breach was discovered through forensic review, and notification of affected residents began May 27, 2026.
What Information Was Breached?
The compromised information included:
- Full names
- Social Security numbers
- Account information
What You Can Do
Affected individuals are advised to:
- Enroll in the complimentary credit monitoring service provided by DBR & CO.
- Monitor financial accounts and credit reports for suspicious activity.
- Place a fraud alert or credit freeze with Equifax, Experian, and TransUnion.
- Remain vigilant for phishing emails, suspicious communications, or attempts to collect additional personal information.
- Report any fraudulent activity to the FTC and relevant financial institutions.
These steps help mitigate the risk of identity theft and unauthorized use of personal information.
File a Data Breach Lawsuit Against D.B. Root & Company, LLC
If you received a notification from D.B. Root & Company, LLC regarding this incident, you may be eligible to pursue compensation through a data breach lawsuit.
Organizations that collect and maintain sensitive personal information are expected to implement reasonable cybersecurity safeguards. Breaches exposing Social Security numbers and account data can lead to identity theft, financial harm, and privacy violations.
A data breach lawsuit may allow affected individuals to recover damages for out-of-pocket costs, identity protection services, lost time, and emotional distress. Legal action may also encourage organizations to strengthen cybersecurity measures to better protect consumer data in the future.
Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.
