**ERS Data Breach Exposes Payment Card and Personal Information in Cybersecurity Incident**
On December 15, 2025, Event Rental Systems (ERS) disclosed a cybersecurity breach involving unauthorized access to customer data. The incident occurred when an attacker injected malicious code into certain modules of ERS’s customer websites, potentially compromising sensitive information.
Affected data includes personally identifiable information (PII) such as contact details, payment card numbers, CVV codes, and expiration dates. The exact number of impacted individuals remains undisclosed.
Lynch Carpenter LLP, a national class action law firm, is investigating potential legal claims against ERS on behalf of those affected. The firm, which specializes in data privacy litigation, has urged individuals who received breach notifications in the past 30 days to seek legal review.
ERS has not provided further details on the breach’s scope, timeline, or remediation efforts. The incident highlights ongoing risks to payment processing systems and third-party integrations in the events industry.
D. E. Systems Ltd. cybersecurity rating report: https://www.rankiteo.com/company/d--e--systems-ltd-
"id": "D--1765844138",
"linkid": "d--e--systems-ltd-",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown number of individuals',
'industry': 'Event Rental Software',
'location': 'Pittsburgh, USA',
'name': 'Event Rental Systems (ERS)',
'type': 'Company'}],
'attack_vector': 'Unauthorized code insertion',
'customer_advisories': 'Individuals impacted may be entitled to compensation; '
'advised to contact Lynch Carpenter LLP.',
'data_breach': {'data_exfiltration': 'Possible',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Contact information',
'Payment card number',
'CVV',
'Expiration date']},
'date_publicly_disclosed': '2025-12-15',
'description': 'An unauthorized person inserted unauthorized code into '
'certain modules of ERS’s customers’ websites and may have '
'acquired records containing personally identifiable '
'information (PII), including contact information, payment '
'card numbers, CVV, and expiration dates.',
'impact': {'data_compromised': 'Personally identifiable information (PII), '
'payment card details (number, CVV, expiration '
'date)',
'identity_theft_risk': 'High',
'payment_information_risk': 'High',
'systems_affected': 'ERS customers’ websites'},
'initial_access_broker': {'entry_point': 'ERS customers’ websites'},
'investigation_status': 'Ongoing (Lynch Carpenter LLP investigation)',
'references': [{'date_accessed': '2025-12-15',
'source': 'Globe Newswire',
'url': 'https://eventrentalsystems.com/'}],
'regulatory_compliance': {'legal_actions': 'Potential class action '
'investigation by Lynch Carpenter '
'LLP'},
'response': {'communication_strategy': 'Public disclosure via press release',
'third_party_assistance': 'Lynch Carpenter LLP (legal '
'investigation)'},
'title': 'ERS Cybersecurity Incident and Data Breach',
'type': 'Data Breach'}