CentroNía Data Breach Exposes Sensitive Personal Information of D.C. Community Members
A cybersecurity incident at CentroNía, a Washington, D.C.-based nonprofit, has exposed the sensitive personal data of individuals served by the organization. The breach occurred between June 10 and July 6, 2025, when an unauthorized actor accessed CentroNía’s network, viewing and exfiltrating files containing personally identifiable information (PII).
CentroNía, founded in 1986, provides bilingual early childhood education, family support, and out-of-school programs to low-income households in the D.C. metropolitan area. The organization partnered with third-party forensic specialists to investigate the breach and has since notified potentially affected individuals.
Compromised data includes:
- Dates of birth
- Social Security numbers
- Driver’s license or government ID numbers
- Passport numbers
- Financial account information
- Medical and health insurance details
The law firm Shamis & Gentile P.A., which specializes in data breach class actions, is investigating the incident and potential legal recourse for impacted individuals. Those affected may be eligible for compensation.
Source: https://www.claimdepot.com/investigations/centronia-data-breach-2026
CentroNía cybersecurity rating report: https://www.rankiteo.com/company/centronia
"id": "CEN1775760245",
"linkid": "centronia",
"type": "Breach",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Education, Family Support',
'location': 'Washington, D.C.',
'name': 'CentroNía',
'type': 'Nonprofit'}],
'customer_advisories': 'Notified potentially affected individuals',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Dates of birth',
'Social Security numbers',
'Driver’s license or government '
'ID numbers',
'Passport numbers',
'Financial account information',
'Medical and health insurance '
'details']},
'date_detected': '2025-07-06',
'description': 'A cybersecurity incident at CentroNía, a Washington, '
'D.C.-based nonprofit, has exposed the sensitive personal data '
'of individuals served by the organization. The breach '
'occurred between June 10 and July 6, 2025, when an '
'unauthorized actor accessed CentroNía’s network, viewing and '
'exfiltrating files containing personally identifiable '
'information (PII).',
'impact': {'data_compromised': 'Personally identifiable information (PII)',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Shamis & Gentile P.A.'}],
'regulatory_compliance': {'legal_actions': 'Potential class action '
'investigation by Shamis & Gentile '
'P.A.'},
'response': {'communication_strategy': 'Notified potentially affected '
'individuals',
'third_party_assistance': 'Third-party forensic specialists'},
'threat_actor': 'Unauthorized actor',
'title': 'CentroNía Data Breach Exposes Sensitive Personal Information of '
'D.C. Community Members',
'type': 'Data Breach'}