Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.

MCBS Data Breach

A cybersecurity incident at MCBS, LLC between September 22–26, 2025, may have exposed personal and health information of 135 New Hampshire residents. Complimentary credit monitoring is offered, and affected individuals are encouraged to monitor accounts and consider legal recourse.

MCBS
Date of Breach: September 25, 2025
CAU logo

Who was affected:

Clients of MCBS

Impacted Data:

Full name

Social Security number

Date of birth

Health plan beneficiary number

Health insurance policy number or subscriber ID

Other health insurance information

Medical history, conditions, or treatment information

Diagnosis information

MCBS, LLC has reported a data security incident involving unauthorized access to its network that may have impacted personal information of 135 New Hampshire residents. While there is no evidence of identity theft or fraud to date, the company is providing resources and guidance to help affected individuals protect their information.

MCBS, LLC’s Data Breach Investigation

On or about September 25, 2025, MCBS became aware of unauthorized activity in its network. The company immediately contained the incident and launched a thorough investigation with the assistance of external cybersecurity professionals. After an extensive forensic investigation and document review, MCBS determined on or about May 28, 2026, that certain files containing personal information may have been accessed or acquired between September 22, 2025, and September 26, 2025.

The investigation identified that the affected information could include full names, Social Security numbers, dates of birth, health plan beneficiary numbers, health insurance policy numbers, other health insurance details, medical history, mental or physical condition information, and medical treatment or diagnosis data. MCBS has since notified all potentially impacted individuals and is offering guidance on protective steps and identity monitoring services.

When Did This Breach Occur?

Unauthorized access to MCBS’s network occurred between September 22, 2025, and September 26, 2025, with discovery on September 25, 2025. Notifications to affected individuals were issued on or about June 26, 2026 once addresses were verified.

What Information Was Breached?

The potentially exposed information includes:

  • Full name
  • Social Security number
  • Date of birth
  • Health plan beneficiary number
  • Health insurance policy number or subscriber ID
  • Other health insurance information
  • Medical history, conditions, or treatment information
  • Diagnosis information

Exposure of this type of data may increase the risk of medical identity theft, insurance fraud, or other forms of misuse.

What You Can Do

Affected individuals should take proactive steps to protect themselves:

  1. Enroll in Complimentary Credit Monitoring: Individuals whose Social Security numbers were affected may receive 12 months of credit monitoring services.
  2. Monitor Accounts and Reports: Regularly review financial account statements, Explanation of Benefits (EOBs), and medical records for suspicious activity.
  3. Obtain Free Credit Reports: Request annual credit reports from Equifax, Experian, and TransUnion via www.annualcreditreport.com.
  4. Place Fraud Alerts or Security Freezes: Contact credit bureaus to add a fraud alert or freeze to restrict unauthorized access.
  5. Report Fraud or Identity Theft: File a report with local law enforcement, state Attorney General offices, or the Federal Trade Commission (www.ftc.gov/idtheft) if you detect misuse.

Residents may also reference state-specific protections for identity theft, including Iowa, Maryland, Massachusetts, New Mexico, New York, North Carolina, Oregon, Rhode Island, and Washington D.C..

File a Data Breach Lawsuit Against MCBS, LLC

Organizations entrusted with sensitive health and personal information have a legal duty to implement reasonable safeguards. When unauthorized access occurs, affected individuals may have legal options to pursue compensation for privacy violations, time spent addressing the breach, and related expenses.

If you received a notice from MCBS, LLC or believe your personal information was exposed, you may explore legal remedies. Participating in a class action lawsuit with others impacted can help hold the company accountable and ensure stronger safeguards are implemented for the future.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Date of Breach: September 25, 2025

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.