Idera Reports Data Breach Affecting Over 2,000 Individuals
On February 26, 2026, Idera (operating as Flash Charm, Inc.) disclosed a data breach impacting 2,015 individuals across the U.S., with the highest concentrations in Texas (606), Massachusetts (36), and Maine (2). The unauthorized access was first detected on October 31, 2025, prompting the company to secure the affected system, notify law enforcement, and launch a forensic investigation.
The breach was confined to a third-party file-hosting service and did not compromise Idera’s internal systems or products. Exposed data included sensitive personal and financial information, such as names, Social Security numbers, driver’s license details, government-issued IDs, credit/debit card numbers, health insurance data, and financial account numbers.
Idera filed regulatory disclosures with the attorneys general of California, Maine, Massachusetts, and Texas, and mailed notifications to affected individuals on February 26, 2026. As part of its response, the company is offering two years of free credit monitoring and identity theft protection through IDX, including $1 million in insurance reimbursement, identity restoration support, and dark web monitoring. Enrollment is available until May 26, 2026, via instructions provided in the notification letters.
Source: https://www.claimdepot.com/data-breach/idera-2026
Idera, Inc. cybersecurity rating report: https://www.rankiteo.com/company/idera-inc
"id": "IDE1772239792",
"linkid": "idera-inc",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '2015',
'industry': 'Software/Technology',
'location': 'U.S.',
'name': 'Idera (Flash Charm, Inc.)',
'type': 'Company'}],
'attack_vector': 'Third-party file-hosting service compromise',
'customer_advisories': 'Mailed notifications to affected individuals on '
'February 26, 2026 with instructions for credit '
'monitoring enrollment',
'data_breach': {'number_of_records_exposed': '2015',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Driver’s license details',
'Government-issued IDs',
'Credit/debit card numbers',
'Health insurance data',
'Financial account numbers']},
'date_detected': '2025-10-31',
'date_publicly_disclosed': '2026-02-26',
'description': 'Idera (operating as Flash Charm, Inc.) disclosed a data '
'breach impacting 2,015 individuals across the U.S. The '
'unauthorized access was detected on October 31, 2025, and '
'exposed sensitive personal and financial information via a '
'third-party file-hosting service.',
'impact': {'data_compromised': 'Sensitive personal and financial information',
'identity_theft_risk': 'High',
'payment_information_risk': 'High',
'systems_affected': 'Third-party file-hosting service'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Secured the affected '
'system, offered credit '
'monitoring and identity '
'theft protection',
'root_causes': 'Third-party file-hosting service '
'compromise'},
'references': [{'source': 'Idera Data Breach Notification'}],
'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
'General',
'Maine Attorney '
'General',
'Massachusetts '
'Attorney General',
'Texas Attorney '
'General']},
'response': {'communication_strategy': 'Filed regulatory disclosures and '
'mailed notifications to affected '
'individuals',
'containment_measures': 'Secured the affected system',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'remediation_measures': 'Offering two years of free credit '
'monitoring and identity theft '
'protection',
'third_party_assistance': 'Forensic investigation'},
'title': 'Idera Data Breach Affecting Over 2,000 Individuals',
'type': 'Data Breach'}