Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.
Class Action U Logo
Check Your Eligibility

Hypertherm Data Breach

Hypertherm confirmed a data breach after attackers exploited a vulnerability in Oracle E-Business Suite and accessed database tables containing names and Social Security numbers. Affected individuals are being notified and offered credit monitoring services. Those impacted may be eligible to join a class action lawsuit and seek compensation.

Hypertherm
Date of Breach: August 9, 2025
CAU logo

Who was affected:

Clients of Hypertherm

Impacted Data:

Full Name

Social Security Number

Check Your Eligibility

Hypertherm, Inc. recently reported a data breach linked to a vulnerability in Oracle’s E-Business Suite software. An unauthorized actor exploited the vulnerability and accessed certain database tables that may have contained personal information. Affected individuals are now being notified and offered credit monitoring services.

Hypertherm’s Data Breach Investigation

Hypertherm, Inc., a company that uses Oracle’s E-Business Suite (EBS) software to manage various operational systems, recently confirmed that it was impacted by a broader cybersecurity incident affecting organizations using the platform. Oracle EBS is widely used by businesses to handle functions such as financial management, supply chains, and human resources operations. Because of the sensitive nature of the information these systems manage, any vulnerability can present serious risks.

According to the company’s investigation, an unauthorized actor exploited a previously unknown vulnerability within Oracle EBS software. This vulnerability allowed the attacker to extract data from the Oracle EBS environments of several organizations, including Hypertherm. The incident demonstrates how software vulnerabilities in widely used enterprise systems can have cascading effects across multiple companies.

Once Hypertherm became aware of the incident, the company promptly activated its incident response procedures. This included taking steps to secure its Oracle EBS implementation and launching a formal investigation into what occurred. Cybersecurity specialists were engaged to analyze the affected systems and determine the scope of the exposure.

The investigation revealed that the unauthorized actor obtained certain database tables from Hypertherm’s Oracle EBS system on or about August 9, 2025. After identifying the potentially impacted data, Hypertherm conducted a detailed review of the tables that were accessed to determine whether they contained personal information and to identify the individuals affected.

This review process concluded on February 10, 2026. The analysis determined that one or more of the accessed database tables contained personal information belonging to individuals, including residents of Maine. Specifically, the exposed data included names and Social Security numbers.

Although the exposure appears to have been limited to a specific set of database tables, the presence of Social Security numbers in the accessed files raises significant concerns about potential identity theft risks. Even if misuse has not yet been detected, sensitive identifiers like Social Security numbers can be exploited long after a breach occurs.

To comply with applicable data breach notification laws, Hypertherm began notifying affected individuals by mail. On March 13, 2026, the company sent written notices via U.S. First-Class Mail to impacted Maine residents whose information was found in the compromised database tables.

In addition to providing breach notifications, Hypertherm has taken steps to prevent similar incidents from occurring in the future. The company applied the software patch released by Oracle to address the vulnerability and implemented additional security safeguards to strengthen its Oracle EBS deployment.

Hypertherm has also established a dedicated toll-free call center to assist affected individuals and answer questions regarding the incident. As an additional precaution, the company is offering credit monitoring services through Kroll to individuals whose Social Security numbers were included in the compromised data.

While investigations into software supply-chain vulnerabilities like this often continue for months, the incident highlights the ongoing cybersecurity risks organizations face when attackers exploit weaknesses in widely used enterprise platforms.

When Did This Breach Occur?

The unauthorized access occurred on August 9, 2025.

Hypertherm discovered the breach on February 10, 2026, after completing a detailed review of database tables that were accessed through the Oracle E-Business Suite vulnerability.

What Information Was Breached?

The information potentially exposed during the breach includes:

  • Full Name

  • Social Security Number

The affected data was identified within database tables obtained by an unauthorized actor through exploitation of an Oracle E-Business Suite vulnerability.

What You Can Do

If you received a notification from Hypertherm regarding this incident, there are several steps you can take to help protect your personal information and reduce the risk of identity theft.

First, consider enrolling in the complimentary credit monitoring services offered through Kroll. These services can help detect suspicious activity involving your credit file and provide identity theft recovery assistance if needed.

You should also regularly review your bank statements, credit card activity, and financial accounts for any unauthorized transactions. Monitoring your credit reports is another important step. U.S. consumers are entitled to free credit reports annually from the three major credit bureaus—Equifax, Experian, and TransUnion—through AnnualCreditReport.com.

Placing a fraud alert on your credit file can add an additional layer of protection. Fraud alerts require creditors to take extra steps to verify your identity before issuing new credit. You may also consider placing a credit freeze, which prevents credit bureaus from releasing your credit report without your authorization.

Remaining vigilant is important after any data breach involving Social Security numbers. Identity theft can occur months or even years after an incident.

If you received a breach notification from Hypertherm, you may also want to explore your legal options. Many individuals affected by data breaches do not realize they may have rights under consumer protection laws. Learning about those rights can help ensure you do not miss potential compensation.

File a Data Breach Lawsuit Against Hypertherm

If you received a data breach notification from Hypertherm stating that your personal information was exposed, you may be eligible to pursue legal action.

Organizations that collect and store sensitive personal data—including Social Security numbers—have a responsibility to implement strong security measures to protect that information. When companies fail to adequately safeguard this data, individuals may face risks such as identity theft, financial fraud, and long-term privacy concerns.

Class action lawsuits can help affected individuals hold organizations accountable for failing to properly protect personal data. These cases may allow victims to recover compensation for damages, time spent resolving identity theft issues, credit monitoring costs, and other related losses.

If you believe your information was involved in the Hypertherm data breach, you may have the right to join a data breach lawsuit and seek compensation.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team

VIEW PDF
Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
American Vintage Home Data Breach
Date of Breach: Not Specified
JSI Research & Training Institute Data Breach
Date of Breach: March 5, 2026
Structural Component Systems Data Breach
Date of Breach: September 10, 2025
Show More

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.