Goglia Nutrition LLC, a health and wellness company specializing in personalized nutrition plans, experienced a data breach via its third-party hosting provider, FuturHealth. An unauthorized actor accessed subscriber data, exposing highly sensitive personally identifiable information (PII) and protected health information (PHI). The compromised data included names, current/previous medical diagnoses, treatments, prescriptions, provider details, and health insurance information all submitted by users as part of their subscription. The breach was discovered on or before October 16, 2024, with investigations concluding by October 13, 2025, and notifications sent to affected individuals shortly after. The incident was formally reported to the California Attorney General’s office on October 30, 2025. Victims face risks of identity theft, medical fraud, financial exploitation, and emotional distress, with legal firms actively pursuing class-action lawsuits for compensation covering out-of-pocket expenses, time spent mitigating harm, and damages for unauthorized exposure of sensitive medical records.
Source: https://www.claimdepot.com/investigations/goglia-nutrition-data-breach-2025
TPRM report: https://www.rankiteo.com/company/goglia-nutrition
"id": "gog4402444110125",
"linkid": "goglia-nutrition",
"type": "Breach",
"date": "10/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'G-Plans subscribers (exact '
'number not specified)',
'industry': 'Health, Wellness, and Fitness',
'location': ['San Diego, California (HQ)',
'Oregon',
'Massachusetts',
'West Hollywood, California'],
'name': 'Goglia Nutrition LLC (G-Plans)',
'type': 'Private Company'},
{'industry': 'Healthcare IT / Data Hosting',
'name': 'FuturHealth',
'type': 'Third-Party Data Hosting Provider'}],
'attack_vector': 'Unauthorized access via third-party hosting provider '
'(FuturHealth)',
'customer_advisories': 'Mail notifications sent to affected subscribers with '
'guidance on credit monitoring, fraud alerts, and '
'legal rights',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': ['Names',
'Medical provider '
'information',
'Health insurance '
'details'],
'sensitivity_of_data': 'High (includes medical diagnoses, '
'treatments, prescriptions, and '
'insurance details)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2024-10-16',
'date_publicly_disclosed': '2025-10-17',
'description': 'Goglia Nutrition LLC, a health and wellness company, '
'experienced a data breach through its third-party data '
'hosting provider, FuturHealth. Unauthorized actors accessed '
'subscriber data, including highly sensitive medical and '
'personally identifiable information (PII). The breach was '
'detected on or before October 16, 2024, with notifications '
'sent to affected individuals starting October 17, 2025. The '
"incident was reported to the California Attorney General's "
'office on October 30, 2025.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive medical data',
'data_compromised': ['Names',
'Current and previous medical diagnoses',
'Current and previous medical treatments',
'Current prescriptions',
'Medical provider information',
'Health insurance information'],
'identity_theft_risk': 'High (due to exposure of PII and medical '
'data)',
'legal_liabilities': 'Potential lawsuits and compensation claims '
'for affected individuals',
'systems_affected': ['G-Plans subscriber database (hosted by '
'FuturHealth)']},
'initial_access_broker': {'high_value_targets': 'Subscriber medical and PII '
'data'},
'investigation_status': 'Completed (as of 2025-10-13)',
'recommendations': ['Enroll in free credit monitoring and identity protection '
'services if offered',
'Monitor financial statements for suspicious activity',
'Place a fraud alert on credit reports',
'Request free annual credit reports from major bureaus',
'Seek legal counsel for potential compensation claims'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Notice'},
{'date_accessed': '2025-10-30',
'source': "California Attorney General's Office (Breach "
'Report)'}],
'regulatory_compliance': {'legal_actions': 'Potential class-action lawsuits '
'(investigation by Shamis & '
'Gentile P.A.)',
'regulatory_notifications': 'Reported to the '
'California Attorney '
"General's office "
'(2025-10-30)'},
'response': {'communication_strategy': 'Mail notifications to affected '
'subscribers (started 2025-10-17)',
'incident_response_plan_activated': 'Yes (investigation '
'completed by 2025-10-13)'},
'threat_actor': 'Unauthorized actor(s)',
'title': 'Goglia Nutrition LLC (G-Plans) Data Breach via FuturHealth',
'type': 'Data Breach (Third-Party Vendor Compromise)'}