Foley & Lardner LLP Data Breach

On April 28, 2025, Foley & Lardner LLP became aware of a vishing incident impacting one of its employees. Following the discovery of the incident, the law firm took swift action to address the issue by engaging a team of cybersecurity specialists. These experts worked alongside Foley to initiate an investigation, reset affected passwords, and notify the Federal Bureau of Investigation (FBI). The company’s investigation revealed that between April 17 and April 22, 2025, a limited amount of personal information was accessed without authorization.

Although the investigation confirmed that only a small subset of files was affected, Foley remained vigilant throughout the process, focusing on identifying and contacting potentially impacted individuals. A thorough review of the files was conducted, and by December 18, 2025, it was determined that a total of approximately eight residents from Maine were impacted.

Despite the breach, Foley has confirmed that there is no evidence indicating any misuse of the compromised information. Furthermore, the firm has outlined a series of steps taken to prevent further incidents, including enhanced security protocols and ongoing employee training.

In response to the breach, Foley has offered identity protection services to those affected. These services include access to credit monitoring, dark web monitoring, and a $1 million identity fraud loss reimbursement policy. The law firm continues to investigate the breach in collaboration with the FBI and is committed to cooperating fully with law enforcement authorities as needed.

When Did This Breach Occur?

The breach occurred between April 17 and April 22, 2025. However, Foley became aware of the incident on April 28, 2025, and took immediate steps to investigate and mitigate the situation. Written notifications were sent to the affected individuals by December 23, 2025.

What Information Was Breached?

The data breach exposed the following types of personal information:

• First and last names

• Personal Information

Foley has confirmed that only a limited amount of information was affected, and there is no indication of misuse or attempted misuse of the data at this time.

What You Can Do

If you were impacted by the Foley & Lardner LLP data breach, here are some steps you should take to protect your personal information:

1. Monitor Your Accounts: Regularly check your bank and credit card statements for any unauthorized transactions.
2. Enroll in Identity Protection Services: Foley is offering complimentary identity protection services through IDX, which includes credit monitoring, dark web monitoring, and a $1 million fraud loss reimbursement policy. Make sure to enroll before the deadline on March 23, 2026.
3. Place Fraud Alerts and Security Freezes: Contact the major credit bureaus to place a fraud alert or freeze on your credit to prevent unauthorized access to your credit file.
4. Review Your Credit Reports: Request a free credit report from the major reporting agencies to ensure there is no suspicious activity.
5. Stay Vigilant: Watch for signs of identity theft, such as unexpected bills or unfamiliar accounts, and report any fraudulent activity to your bank or credit card company immediately.

For additional assistance or to enroll in the complimentary protection services, visit the IDX portal provided by Foley.

File a Data Breach Lawsuit Against Foley & Lardner LLP

If you were impacted by the Foley & Lardner LLP data breach, you may be eligible to file a lawsuit for compensation. Data breaches like this can cause lasting financial harm, such as identity theft and fraud, and it is important for affected individuals to seek justice.

At Class Action U, we can help you determine whether you are eligible to join a class action lawsuit against Foley & Lardner LLP. Our team can connect you with experienced attorneys who specialize in class actions and data breach cases. Don’t let a data breach go unnoticed – hold the responsible party accountable.