On June 13, 2025, The Hiller Companies, a fire protection services provider, detected a data breach where attackers unauthorizedly copied files from its systems around December 18, 2024. The compromised data included highly sensitive **personally identifiable information (PII)**—such as names, Social Security numbers, driver’s license numbers, passport numbers, and financial account details—as well as **protected health information (PHI)**, including medical records and health insurance data. At least **123 Massachusetts residents** were confirmed affected, with broader impact across multiple states (e.g., Vermont). The breach exposed customers to severe risks of **identity theft, financial fraud, and medical fraud**, prompting Hiller to offer **24 months of free credit monitoring and identity protection services** via Cyberscout. The incident underscores a **large-scale compromise of customer and employee data**, with potential long-term reputational and financial repercussions for the company.
Source: https://www.claimdepot.com/data-breach/hiller-companies-2025
TPRM report: https://www.rankiteo.com/company/hiller-systems-inc
"id": "hil908090225",
"linkid": "hiller-systems-inc",
"type": "Breach",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'At least 123 (Massachusetts '
'residents); broader impact '
'likely (notifications filed in '
'Vermont and potentially other '
'states)',
'industry': 'Fire Protection Products and Services',
'name': 'The Hiller Companies',
'type': 'Private Company'}],
'customer_advisories': 'Guidance provided on enrolling in identity protection '
'services, credit monitoring, fraud alerts, and '
'reporting identity theft',
'data_breach': {'data_exfiltration': 'Yes (files copied without authorization '
'on or around Dec. 18, 2024)',
'number_of_records_exposed': 'At least 123 (Massachusetts); '
'total number unclear '
'(notifications filed in '
'multiple states)',
'personally_identifiable_information': 'Yes (names, SSNs, '
'driver’s license '
'numbers, passport '
'numbers, etc.)',
'sensitivity_of_data': 'High (PII and PHI)',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Driver’s license numbers',
'Unique government-issued '
'identification numbers',
'Passport numbers',
'Financial account information',
'Payment card numbers',
'Protected Health Information '
'(PHI): medical information, '
'health insurance details']},
'date_detected': '2025-06-13',
'description': 'On June 13, 2025, The Hiller Companies, a provider of fire '
'protection products and services, discovered a data security '
'incident that impacted the personal information of '
'individuals connected to its operations. Attackers copied '
'certain files from Hiller’s systems without authorization on '
'or around Dec. 18, 2024. The compromised files contained '
'sensitive personally identifiable information (PII) such as '
'names, Social Security numbers, driver’s license numbers, '
'unique government-issued identification numbers, passport '
'numbers, financial account information, payment card numbers, '
'and protected health information (PHI), including medical '
'information and health insurance details. The breach was '
'disclosed to the Massachusetts and Vermont Attorneys General '
'in August 2025.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive customer data',
'data_compromised': ['Personally Identifiable Information (PII)',
'Protected Health Information (PHI)'],
'identity_theft_risk': 'High (due to exposure of SSNs, driver’s '
'license numbers, financial account info, '
'etc.)',
'legal_liabilities': 'Potential legal liabilities due to exposure '
'of PII and PHI under state and federal '
'regulations',
'payment_information_risk': 'High (payment card numbers and '
'financial account information '
'exposed)'},
'investigation_status': 'Completed (forensic investigation led by external '
'cybersecurity experts)',
'recommendations': ['Enroll in complimentary identity protection services '
'(Cyberscout)',
'Obtain free credit reports from major bureaus via '
'www.annualcreditreport.com',
'Place security freeze or fraud alert on credit files',
'Monitor account statements and credit reports for '
'suspicious activity',
'Report identity theft or fraud to law enforcement, state '
'AG, or FTC'],
'references': [{'date_accessed': '2025-08-26',
'source': 'Massachusetts Attorney General’s Office '
'Disclosure'},
{'date_accessed': '2025-08-27',
'source': 'Vermont Attorney General’s Office Disclosure'},
{'source': 'The Hiller Companies Customer Advisory'}],
'regulatory_compliance': {'regulatory_notifications': [{'agency': 'Massachusetts '
'Attorney '
'General’s '
'Office',
'date': '2025-08-26'},
{'agency': 'Vermont '
'Attorney '
'General’s '
'Office',
'date': '2025-08-27'}]},
'response': {'communication_strategy': 'Direct notifications to affected '
'individuals via letter; dedicated '
'assistance line (833-426-8016); '
'guidance on credit monitoring, fraud '
'alerts, and reporting identity theft',
'incident_response_plan_activated': 'Yes (led by external '
'cybersecurity experts)',
'recovery_measures': 'Offering 24 months of complimentary '
'identity protection services (credit '
'monitoring, fraud assistance, etc.) to '
'affected individuals',
'third_party_assistance': 'Cyberscout (TransUnion) for identity '
'protection services'},
'stakeholder_advisories': 'Notifications sent to affected individuals; '
'dedicated assistance line (833-426-8016) for '
'support',
'title': 'Data Security Incident at The Hiller Companies',
'type': 'Data Breach'}