Chatham Asset Management Data Breach Under Investigation Following Cyberattack
Chatham Asset Management, a New Jersey-based hedge fund specializing in alternative assets, confirmed a data breach after detecting unauthorized activity within its network on December 8, 2025. The firm, which manages investments for high-net-worth clients and holds controlling interests in companies like Postmedia, McClatchy, and RR Donnelley, responded by securing its systems and engaging third-party cybersecurity experts to investigate.
The hacking group Worldleaks claimed responsibility for the breach, threatening to publish stolen data on the dark web as early as December 23, 2025. Chatham officially disclosed the incident to regulators on January 20, 2026 (Massachusetts Office of Consumer Affairs and Business Regulation) and January 21, 2026 (Vermont Attorney General).
The breach potentially exposed sensitive personally identifiable information (PII), including:
- Names
- Social Security numbers
- Driver’s license details
Affected individuals were notified and offered complimentary credit monitoring and identity restoration services through Cyberscout. Law firm Shamis & Gentile P.A. is investigating potential legal claims for those impacted.
Chatham Asset Management, founded in 2001 by Anthony Melchiorre, operates with approximately 23 employees across offices in New Jersey and Chicago. The full scope of the breach and its financial or operational impact remains under review.
Source: https://www.claimdepot.com/investigations/chatham-asset-management-data-breach-2026
Chatham Capital Group, Inc. cybersecurity rating report: https://www.rankiteo.com/company/chatham-capital-group-inc.
Postmedia Network Inc. cybersecurity rating report: https://www.rankiteo.com/company/postmedia-network-inc.
McClatchy Media cybersecurity rating report: https://www.rankiteo.com/company/the-mcclatchy-company
RR Donnelley cybersecurity rating report: https://www.rankiteo.com/company/rr-donnelley
"id": "CHAPOSTHERR-1769110042",
"linkid": "chatham-capital-group-inc., postmedia-network-inc., the-mcclatchy-company, rr-donnelley",
"type": "Breach",
"date": "6/2001",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'High-net-worth clients',
'industry': 'Finance/Investment',
'location': 'New Jersey, USA; Chicago, USA',
'name': 'Chatham Asset Management',
'size': '23 employees',
'type': 'Hedge Fund'}],
'customer_advisories': 'Complimentary credit monitoring and identity '
'restoration services through Cyberscout',
'data_breach': {'data_exfiltration': 'Threatened to publish on dark web',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Driver’s license details']},
'date_detected': '2025-12-08',
'date_publicly_disclosed': '2026-01-20',
'description': 'Chatham Asset Management, a New Jersey-based hedge fund '
'specializing in alternative assets, confirmed a data breach '
'after detecting unauthorized activity within its network on '
'December 8, 2025. The hacking group Worldleaks claimed '
'responsibility and threatened to publish stolen data on the '
'dark web.',
'impact': {'data_compromised': 'Sensitive personally identifiable information '
'(PII)',
'identity_theft_risk': 'High'},
'investigation_status': 'Under investigation',
'references': [{'source': 'Regulatory filings'}],
'regulatory_compliance': {'legal_actions': 'Potential legal claims (Shamis & '
'Gentile P.A.)',
'regulatory_notifications': ['Massachusetts Office '
'of Consumer Affairs '
'and Business '
'Regulation '
'(2026-01-20)',
'Vermont Attorney '
'General '
'(2026-01-21)']},
'response': {'communication_strategy': 'Regulatory disclosures and customer '
'notifications',
'containment_measures': 'Secured systems',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'Cybersecurity experts'},
'threat_actor': 'Worldleaks',
'title': 'Chatham Asset Management Data Breach',
'type': 'Data Breach'}