On February 20, 2025, LGAA discovered a data breach in its system involving a limited portion of its computer network used for data migrations. Unknown cyber actors gained unauthorized access to this segment, potentially copying sensitive files without permission. LGAA has since worked to investigate and notify impacted individuals.
LGAA’s Data Breach Investigation
The breach occurred on a small segment of LGAA’s computer network, which was temporarily used for data migrations. On February 20, 2025, LGAA’s security systems identified unusual activity in this area. Upon further investigation, it was determined that an unknown cyber actor accessed the compromised network and may have copied files containing sensitive data. Although the breach was contained to this specific part of the network, LGAA took immediate action to secure the compromised systems and assess the damage.
A comprehensive review of the files involved was conducted to determine the specific data compromised and the individuals affected. This investigation concluded on October 27, 2025, at which point LGAA began notifying potentially impacted individuals. The company emphasized that, while the breach did not affect other parts of its systems or the core operations of data migration services, the event was serious enough to prompt a thorough security overhaul.
Following the breach, LGAA has implemented several measures to protect data going forward, including data removal from the affected segment of the network. They are offering identity monitoring services to impacted individuals to further safeguard against potential identity theft or fraud resulting from the breach. The company is also providing advice on how individuals can protect their identities in the future.
When Did This Breach Occur?
The unauthorized access to LGAA’s network occurred on February 20, 2025. After identifying the breach, LGAA immediately worked to secure the compromised network segment and began an extensive review of the affected files. The notification and review process was completed on October 27, 2025, when the company was able to finalize the list of individuals to notify.
What Information Was Breached?
The personal information exposed in this data breach varied based on the individual but collectively included:
- Names
- Driver’s license or state identification number
- Credit or debit card numbers
While LGAA has not indicated that this information was misused, the company is providing identity monitoring services as a precautionary measure to help protect against potential fraud.
What You Can Do
If you were affected by this breach, there are several steps you can take to protect yourself:
- Monitor your financial accounts: Regularly check your bank and credit card accounts for any unauthorized transactions.
- Use free credit monitoring services: LGAA is offering free identity monitoring services through TransUnion for 12 months. These services will alert you to any changes or activity related to your credit file.
- Place fraud alerts or security freezes: Consider placing a fraud alert or security freeze on your credit file to make it more difficult for fraudsters to open accounts in your name.
- Review your credit reports: You are entitled to a free credit report every year from each of the major credit reporting agencies. Use these reports to ensure no unauthorized accounts have been opened in your name.
- Stay vigilant: Regularly review account statements and watch for signs of identity theft. If you spot any suspicious activity, report it to your financial institution immediately.
LGAA has also provided guidance on how to report potential identity theft to the Federal Trade Commission, state attorneys general, or local law enforcement.
