FirstFruits Reports Data Breach Impacting Sensitive Personal Information
FirstFruits, a U.S.-based organization, disclosed a data breach in a notice filed with the Washington Attorney General’s office, revealing that unauthorized access to sensitive personal information may have occurred. The incident was detected on September 12, 2025, when unusual activity was identified within its systems.
An investigation confirmed that an unauthorized third party accessed or acquired personal data, prompting FirstFruits to review the affected records. The exposed information varies by individual but includes names and Social Security numbers.
On December 29, 2025, FirstFruits began mailing breach notification letters to impacted individuals, detailing the specific data compromised. As part of its response, the organization is offering 12 months of complimentary credit monitoring services to affected parties. The breach notice filed with Washington authorities provides further details on the incident.
Source: https://straussborrelli.com/2026/01/21/firstfruits-farms-data-breach-investigation/
FirstFruits Marketing, LLC. cybersecurity rating report: https://www.rankiteo.com/company/firstfruitsmarketing
"id": "FIR1769016719",
"linkid": "firstfruitsmarketing",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'location': 'U.S.',
'name': 'FirstFruits',
'type': 'Organization'}],
'customer_advisories': 'Breach notification letters detailing the specific '
'data compromised',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers']},
'date_detected': '2025-09-12',
'date_publicly_disclosed': '2025-12-29',
'description': 'FirstFruits, a U.S.-based organization, disclosed a data '
'breach in a notice filed with the Washington Attorney '
'General’s office, revealing that unauthorized access to '
'sensitive personal information may have occurred. The '
'incident was detected on September 12, 2025, when unusual '
'activity was identified within its systems. An investigation '
'confirmed that an unauthorized third party accessed or '
'acquired personal data, prompting FirstFruits to review the '
'affected records. The exposed information varies by '
'individual but includes names and Social Security numbers. On '
'December 29, 2025, FirstFruits began mailing breach '
'notification letters to impacted individuals, detailing the '
'specific data compromised. As part of its response, the '
'organization is offering 12 months of complimentary credit '
'monitoring services to affected parties.',
'impact': {'data_compromised': 'Sensitive personal information including '
'names and Social Security numbers',
'identity_theft_risk': 'High'},
'investigation_status': 'Completed',
'recommendations': 'Offering 12 months of complimentary credit monitoring '
'services to affected parties',
'references': [{'source': 'Washington Attorney General’s office'}],
'regulatory_compliance': {'regulatory_notifications': 'Filed with the '
'Washington Attorney '
'General’s office'},
'response': {'communication_strategy': 'Breach notification letters mailed to '
'impacted individuals'},
'threat_actor': 'Unauthorized third party',
'title': 'FirstFruits Data Breach Impacting Sensitive Personal Information',
'type': 'Data Breach'}