**Nium Discloses Data Breach Impacting 13 Massachusetts Residents**
On December 10, 2025, global payments platform Nium, Inc. reported a data breach to the Massachusetts Attorney General’s office, affecting 13 individuals in the state. The incident stemmed from unauthorized access to the company’s file system, resulting in the download of sensitive customer data.
The breach was first detected on November 3, 2025, when Nium’s security teams identified suspicious access attempts targeting its file storage infrastructure. An investigation revealed that an old file from 2022, stored in a system meant for technical logs rather than personal data, had been compromised. The exposed information included names, email addresses, physical addresses, phone numbers, Social Security numbers, and dates of birth—all classified as personally identifiable information (PII). No protected health information (PHI) or financial details were accessed.
While the breach was quickly contained, the exposure of Social Security numbers heightens the risk of identity theft and phishing attacks for affected individuals. Nium has notified impacted customers via email and is providing complimentary credit monitoring services. The company has also set up a dedicated email ([email protected]) for inquiries, monitored by senior management.
The incident underscores the persistent threat of unauthorized data access, even in systems not primarily designed for storing sensitive information.
Source: https://www.claimdepot.com/data-breach/nium-2025
MOIN, Inc. cybersecurity rating report: https://www.rankiteo.com/company/moin-inc.
"id": "MOI1765584617",
"linkid": "moin-inc.",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '13 (Massachusetts)',
'industry': 'Financial Services',
'location': 'Global',
'name': 'Nium, Inc.',
'type': 'Payments Platform'}],
'attack_vector': 'Unauthorized access to file system',
'customer_advisories': 'Affected customers are encouraged to contact Nium at '
'[email protected] for questions or to enroll in '
'credit monitoring services.',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '13 (Massachusetts)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Email addresses',
'Physical addresses',
'Phone numbers',
'Social Security numbers',
'Dates of birth']},
'date_detected': '2025-11-03',
'date_publicly_disclosed': '2025-12-10',
'description': 'Nium, Inc. disclosed a data breach involving unauthorized '
'access to an old file containing sensitive personal '
'information, including names, email addresses, physical '
'addresses, phone numbers, Social Security numbers, and dates '
'of birth. The breach was detected on Nov. 3, 2025, and '
'impacted 13 individuals in Massachusetts.',
'impact': {'data_compromised': 'Personally identifiable information (PII)',
'identity_theft_risk': 'High',
'payment_information_risk': 'None',
'systems_affected': 'File storage infrastructure'},
'investigation_status': 'Contained',
'post_incident_analysis': {'root_causes': 'Old file containing PII stored in '
'a system primarily used for '
'technical system logs'},
'recommendations': 'Affected individuals should remain vigilant for phishing '
'attempts and impersonation scams, and enroll in '
'complimentary credit monitoring services.',
'references': [{'source': 'Massachusetts Attorney General’s office'}],
'regulatory_compliance': {'regulatory_notifications': 'Massachusetts Attorney '
'General’s office'},
'response': {'communication_strategy': 'Email notifications to affected '
'individuals',
'containment_measures': 'Quick containment after detection',
'incident_response_plan_activated': 'Yes'},
'title': 'Nium Data Breach Involving PII Exposure',
'type': 'Data Breach'}