North Star Fertility Partners LLC (“Northstar”) recently disclosed a data breach tied to a third-party vendor security incident. The breach involved unauthorized access to a Salesforce-hosted database through Salesloft and occurred between August 12 and August 17, 2025. One Maine resident was affected.
North Star Fertility Partners’ Data Breach Investigation
North Star Fertility Partners learned that a cybersecurity incident occurred at one of its third-party vendors, Salesloft. According to the disclosure, unauthorized access was gained to a database hosted by Salesforce. The broader incident reportedly affected hundreds of organizations and occurred between August 12, 2025 and August 17, 2025.
Importantly, Northstar clarified that the breach did not involve access to its internal systems or network. Instead, the unauthorized access was limited to the external vendor environment. Upon learning of the incident, Northstar immediately launched an investigation and engaged a cybersecurity firm experienced in handling similar incidents.
As part of its review process, Northstar analyzed the contents of the impacted database to determine whether any sensitive personal information belonging to its patients or affiliates had been affected. On January 14, 2026, Northstar determined that the database contained the name and driver’s license number of one Maine resident.
The total number of individuals affected by this specific Northstar-related incident has not been publicly disclosed, but only one Maine resident was confirmed as impacted.
On February 13, 2026, Northstar began mailing written notification letters via First-Class mail to the affected Maine resident, in accordance with Maine’s data breach notification law (Me. Rev. Stat. Tit. 10, §1348). A dedicated toll-free call center has also been established to answer questions and provide additional information about the incident.
Although the breach stemmed from a third-party vendor, organizations that entrust sensitive information to outside service providers still maintain responsibility for ensuring appropriate safeguards are in place. Vendor-related breaches have become increasingly common, and they can expose sensitive personal data even when a company’s own internal systems remain secure.
To help mitigate potential harm, Northstar is offering the affected Maine resident a complimentary, one-year membership to credit monitoring and identity protection services through Kroll. Additionally, the company has stated that it has taken steps to enhance its existing security measures to reduce the likelihood of a similar incident occurring in the future.
Even when only limited data elements are exposed, such as a name and driver’s license number, individuals may face increased risks of identity fraud. Driver’s license numbers can be used in fraudulent loan applications, identity verification schemes, and other deceptive activities.
At Class Action U, we believe individuals deserve transparency and accountability when their personal information is placed at risk—even in third-party vendor incidents. Understanding your rights is the first step toward protecting yourself and determining whether legal action may be appropriate.
When Did This Breach Occur?
The unauthorized access to the Salesforce-hosted database occurred between August 12, 2025 and August 17, 2025.
Northstar determined on January 14, 2026 that personal information belonging to a Maine resident was contained in the affected database.
Written notice was mailed to the affected Maine resident on February 13, 2026.
What Information Was Breached?
The information contained in the impacted database included:
-
Name
-
Driver’s license number
While no Social Security numbers or financial account information were identified in this disclosure, driver’s license numbers are still considered sensitive personal information and can increase the risk of identity misuse.
What You Can Do
If you received a notification from North Star Fertility Partners, consider taking the following steps:
-
Enroll in the complimentary one-year credit monitoring and identity protection services offered through Kroll.
-
Monitor your credit reports for unfamiliar accounts or inquiries.
-
Review financial statements and account activity for suspicious transactions.
-
Consider placing a fraud alert or security freeze on your credit file.
-
Report any suspected identity theft to your financial institution, the Federal Trade Commission, and local law enforcement.
Staying vigilant is critical, even if there is currently no evidence of misuse. Identity fraud can surface months after a breach occurs.
You may also want to explore your legal options. Many individuals do not realize that even vendor-related breaches may provide grounds for a class action lawsuit.
File a Data Breach Lawsuit Against North Star Fertility Partners
If your personal information was exposed in this third-party data breach, you may be eligible to pursue compensation. Organizations that collect and store sensitive personal data, including through vendors, have a responsibility to implement reasonable security safeguards.
Even limited data exposure can create real risks, including the time and cost of credit monitoring, stress, and potential identity misuse. Class action lawsuits allow affected individuals to join together to seek accountability and financial recovery.
Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team
