Integrity Testing & Safety Administrators Inc. (ITSA), a third-party administrator handling workplace drug and alcohol testing, suffered a data breach on or around March 27, 2025. An unauthorized actor infiltrated ITSA’s internal systems, compromising personally identifiable information (PII) of Frontier Airlines’ current and former employees and applicants. The exposed data included names, dates of birth, Social Security numbers, and driver’s license numbers, placing affected individuals at high risk of identity theft.The breach was confirmed after a review concluded on August 1, 2025, with notifications sent to victims via mail on August 15, 2025. ITSA disclosed the incident to the Massachusetts and New Hampshire Attorneys General on September 11, 2025. In response, the company offered free IDX identity theft protection services to impacted individuals and established a dedicated assistance line. The breach’s severity stems from the sensitive nature of the leaked employee data, which could enable fraud, financial exploitation, or long-term identity-related crimes.
Source: https://www.claimdepot.com/data-breach/integrity-testing-safety-administrators-2025
TPRM report: https://www.rankiteo.com/company/integrity-testing-safety-administrators-inc-itsa
"id": "int1202312091625",
"linkid": "integrity-testing-safety-administrators-inc-itsa",
"type": "Breach",
"date": "3/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Workplace drug and alcohol testing',
'name': 'Integrity Testing & Safety Administrators '
'Inc. (ITSA)',
'type': 'Third-party administrator'},
{'customers_affected': 'Current and former applicants '
'and employees',
'industry': 'Aviation',
'name': 'Frontier Airlines',
'type': 'Airline'}],
'customer_advisories': ['Offer of free IDX identity theft protection services '
'for individuals with compromised Social Security '
'numbers.',
'Dedicated assistance line for questions or concerns '
'about the incident.'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': ['names',
'dates of birth',
'Social Security '
'numbers',
"driver's license "
'numbers'],
'sensitivity_of_data': 'High (includes Social Security '
'numbers)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_detected': '2025-03-27',
'date_publicly_disclosed': '2025-08-15',
'description': 'Integrity Testing & Safety Administrators Inc. (ITSA), a '
'third-party administrator specializing in workplace drug and '
'alcohol testing, experienced a data breach on or about March '
'27, 2025. An unauthorized actor gained access to internal '
'systems and compromised the personally identifiable '
"information (PII) of Frontier Airlines' current and former "
'applicants and employees. Exposed data included names, dates '
"of birth, Social Security numbers, and driver's license "
'numbers. The breach was disclosed to affected individuals and '
'regulatory authorities in August and September 2025, '
'respectively. ITSA is offering free identity theft protection '
'services to impacted individuals.',
'impact': {'brand_reputation_impact': 'High (risk of identity theft for '
'affected individuals)',
'data_compromised': ['names',
'dates of birth',
'Social Security numbers',
"driver's license numbers"],
'identity_theft_risk': 'High',
'systems_affected': ['internal systems']},
'initial_access_broker': {'high_value_targets': ['Personally Identifiable '
'Information (PII) of '
'Frontier Airlines '
'applicants and employees']},
'investigation_status': 'Completed (review finalized on 2025-08-01)',
'post_incident_analysis': {'corrective_actions': ['Providing identity theft '
'protection services',
'Establishing a dedicated '
'assistance line for '
'affected individuals']},
'recommendations': ['Sign up for the free IDX identity theft protection '
'services offered by ITSA.',
'Monitor credit reports and financial accounts for '
'unusual activity.',
'Be alert for phishing emails or phone calls that may use '
'exposed information.',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus.'],
'references': [{'source': 'Integrity Testing & Safety Administrators Inc. '
'(ITSA) website'},
{'source': 'Claim Depot (article)'}],
'regulatory_compliance': {'regulatory_notifications': ['Massachusetts '
'Attorney General '
'(2025-09-11)',
'New Hampshire '
'Attorney General '
'(2025-09-11)']},
'response': {'communication_strategy': ['Mail notifications to affected '
'individuals (sent on 2025-08-15)',
'Disclosure to Massachusetts and New '
'Hampshire Attorneys General '
'(2025-09-11)'],
'incident_response_plan_activated': True,
'remediation_measures': ['Offering free IDX identity theft '
'protection services',
'Setting up a dedicated assistance line '
'for affected individuals']},
'stakeholder_advisories': ['Notifications sent to affected individuals via '
'mail (2025-08-15)',
'Disclosure to state Attorneys General '
'(2025-09-11)'],
'threat_actor': 'Unauthorized actor',
'title': 'Data Breach at Integrity Testing & Safety Administrators Inc. '
'(ITSA) Affecting Frontier Airlines Applicants and Employees',
'type': 'Data Breach'}