RMS Data Breach Exposes Sensitive Personal Information in 2025-2026 Incident
RMS recently disclosed a data breach to the New Hampshire Attorney General, revealing that unauthorized access to its email environment may have compromised sensitive personal identifiable information (PII). The incident was detected in January 2026, prompting an internal investigation.
The breach occurred between November 24, 2025, and January 7, 2026, during which an unauthorized third party accessed emails containing PII. The exposed data varies by individual but includes names, Social Security numbers, dates of birth, account numbers, and routing numbers.
Following a review to identify affected individuals, RMS began mailing breach notification letters on March 16, 2026. The notices detail the specific types of compromised information and offer complimentary credit monitoring services to impacted individuals. The breach report filed with the New Hampshire Attorney General provides further documentation.
Source: https://straussborrelli.com/2026/03/18/retail-merchandising-services-data-breach-investigation/
Omega RMS, LLC cybersecurity rating report: https://www.rankiteo.com/company/omega-rms-llc
"id": "OME1773844880",
"linkid": "omega-rms-llc",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Varies by individual',
'name': 'RMS',
'type': 'Company'}],
'attack_vector': 'Unauthorized access to email environment',
'customer_advisories': 'Complimentary credit monitoring services offered to '
'impacted individuals',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Dates of birth',
'Account numbers',
'Routing numbers']},
'date_detected': '2026-01',
'date_publicly_disclosed': '2026-03-16',
'description': 'RMS disclosed a data breach to the New Hampshire Attorney '
'General, revealing that unauthorized access to its email '
'environment may have compromised sensitive personal '
'identifiable information (PII). The exposed data includes '
'names, Social Security numbers, dates of birth, account '
'numbers, and routing numbers.',
'impact': {'data_compromised': 'Sensitive personal identifiable information '
'(PII)',
'identity_theft_risk': 'High',
'payment_information_risk': 'High',
'systems_affected': 'Email environment'},
'investigation_status': 'Ongoing',
'references': [{'source': 'New Hampshire Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Reported to New '
'Hampshire Attorney '
'General'},
'response': {'communication_strategy': 'Breach notification letters mailed to '
'affected individuals'},
'threat_actor': 'Unauthorized third party',
'title': 'RMS Data Breach Exposes Sensitive Personal Information',
'type': 'Data Breach'}