UPDATED: March 17, 2026

Gearhiser, Peters, Elliott & Cannon Data Breach

Gearhiser, Peters, Elliott & Cannon, PLLC (GPEC) experienced a data breach in April 2025, exposing personal information such as Social Security numbers and driver’s license numbers. GPEC is offering free credit monitoring to affected individuals and those impacted may have the option to pursue compensation through a class action lawsuit. Contact Class Action U for assistance.

Gearhiser, Peters, Elliott & Cannon

Date of Breach: April 24, 2025

Who was affected:

Clients of Gearhiser, Peters, Elliott & Cannon

Impacted Data:

Names

Social Security numbers

Driver’s license numbers

Gearhiser, Peters, Elliott & Cannon, PLLC (“GPEC”) has recently informed affected individuals about a data breach that may have compromised their personal information. The breach, which occurred in April 2025, involved unauthorized access to the firm’s systems. While GPEC has not found evidence of fraud or misuse, those affected should take precautionary measures to protect their data and may be eligible for compensation through a class action lawsuit.

Gearhiser, Peters, Elliott & Cannon, PLLC Data Breach Investigation

On April 24, 2025, GPEC discovered potential unauthorized access to its systems. After confirming the containment of its network environment, GPEC quickly initiated an investigation with the help of outside cybersecurity professionals. The investigation determined that an unauthorized third party accessed certain GPEC systems on April 22, 2025. The intruder may have copied files from these systems that contained sensitive personal information.

A thorough review of the files was conducted, and by February 12, 2026, GPEC concluded that personal information was involved in the breach. The firm found no evidence of fraud or misuse of the information at this time. However, to protect those potentially affected, GPEC took swift action to notify individuals and offered additional safeguards to prevent further incidents.

When Did This Breach Occur?

The breach took place between April 22, 2025, and April 24, 2025. GPEC initiated the investigation upon discovering the breach and completed the review of impacted files by February 12, 2026. Notifications to affected individuals were sent soon after.

What Information Was Breached?

The following personal information may have been compromised:

Names
Social Security numbers
Driver’s license numbers

This sensitive information can be used for identity theft, financial fraud, and other malicious activities, so affected individuals should take immediate action to protect themselves.

What You Can Do

If you were impacted by this breach, GPEC is providing the following steps to help protect your personal information:

Sign Up for Credit Monitoring – GPEC is offering complimentary 12-month credit monitoring services through IDX, a trusted identity protection provider. These services can help you monitor your credit for any suspicious activity and provide early detection of potential fraud.
Place Fraud Alerts or Credit Freezes – You can place fraud alerts or security freezes on your credit file by contacting the three major credit reporting agencies: Equifax, Experian, and TransUnion. These measures can help prevent unauthorized access to your credit.
Monitor Your Financial Accounts – Regularly review your bank and credit card statements to spot any unauthorized transactions. Early detection of fraudulent activity is crucial for minimizing damage.
Report Identity Theft or Fraud – If you suspect that your information has been misused, contact your credit card company, bank, or other financial institution. You should also file a report with the Federal Trade Commission (FTC), your state Attorney General, and law enforcement if you believe your identity has been stolen.

By taking these steps, you can reduce the risks associated with the breach and protect your personal information.

File a Data Breach Lawsuit Against Gearhiser, Peters, Elliott & Cannon, PLLC

If you received a notification from GPEC regarding this breach and believe your personal information was exposed, you may be entitled to compensation through a class action lawsuit. Data breaches can cause identity theft, financial loss, and emotional distress, and those impacted have the right to seek justice.

At Class Action U, we help individuals affected by data breaches navigate the legal process. If you were impacted by this breach, contact us today for a free consultation to explore your legal options. Our expert attorneys can guide you through the process and ensure your rights are protected. Don’t wait—take action today to protect yourself and pursue compensation.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

Other Data Breaches

American Vintage Home Data Breach

Date of Breach: Not Specified

JSI Research & Training Institute Data Breach

Date of Breach: March 5, 2026

Structural Component Systems Data Breach

Date of Breach: September 10, 2025

Frequently Asked Questions

What Should I Do If I Believe My Data Has Been Breached?

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

What Happens to Your Data in a Data Breach?

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

How Should I Respond to a Data Breach Notification?

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

What Evidence is Needed for a Data Breach Claim?

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Can a Company Be Sued for a Data Breach?

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

What is the Average Settlement in a Data Breach Lawsuit?

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.