**Abri Reports Data Breach Exposing Sensitive Personal and Health Information**
Abri, a provider of personal and health-related services, recently disclosed a data breach in which an unauthorized party accessed and potentially exfiltrated sensitive information from its systems. The company first detected the incident in mid-2024 and launched an investigation to assess the scope of the compromise.
The breach occurred between May 3 and May 4, 2024, during which the attacker may have accessed a range of personally identifiable information (PII) and protected health information (PHI). The exposed data varies by individual but includes names, Social Security numbers, dates of birth, driver’s license or state ID numbers, financial account details, payment card numbers, medical records, health insurance information, digital signatures, and birth or marriage certificates.
Abri completed its review of the affected data and began notifying impacted individuals on December 30, 2025, via mailed breach notification letters. As part of its response, the company is offering complimentary credit monitoring services to those affected. The breach notice filed with the Massachusetts Attorney General’s office provides further details on the exposed information for residents of the state.
Source: https://straussborrelli.com/2026/01/02/abri-credit-union-data-breach-investigation/
Abri Group cybersecurity rating report: https://www.rankiteo.com/company/abri-group
"id": "ABR1767404204",
"linkid": "abri-group",
"type": "Breach",
"date": "1/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Impacted individuals (specific '
'number not disclosed)',
'industry': 'Healthcare/Social Services',
'name': 'Abri',
'type': 'Organization'}],
'customer_advisories': 'Data breach notification letters mailed to impacted '
'individuals',
'data_breach': {'data_exfiltration': 'Potential',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Name',
'Social Security number',
'Date of birth',
'Driver’s license or state ID '
'number',
'Financial account information',
'Payment card number',
'Medical information',
'Health insurance information',
'Digital signature',
'Birth/marriage certificate']},
'date_detected': '2024-05-04',
'date_publicly_disclosed': '2025-12-30',
'description': 'Abri experienced a data breach in which sensitive personal '
'identifiable information and protected health information may '
'have been compromised. An unauthorized party gained access to '
'certain systems, leading to potential exposure of sensitive '
'data.',
'impact': {'data_compromised': 'Sensitive personal identifiable information '
'and protected health information',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Completed',
'recommendations': 'Providing complimentary credit monitoring services to '
'affected individuals',
'references': [{'date_accessed': '2025-12-30',
'source': 'Abri Breach Notice'}],
'regulatory_compliance': {'regulatory_notifications': 'Filed with the '
'Attorney General of '
'the Commonwealth of '
'Massachusetts'},
'response': {'communication_strategy': 'Data breach notification letters '
'mailed to impacted individuals',
'incident_response_plan_activated': 'Yes'},
'title': 'Abri Data Breach',
'type': 'Data Breach'}