In April 2025, U.S. delivery company OnTrac suffered a data breach exposing sensitive personal information of over 40,000 individuals. The compromised data included names, dates of birth, Social Security numbers, driver’s license or state IDs, and medical/health insurance details. Attackers accessed the company’s network between April 13th and 15th, 2025, though OnTrac claims the data was re-secured and not distributed, with no evidence of misuse or fraud thus far. Despite this, the exposed information could enable malicious activities such as medical identity theft (e.g., fraudulent insurance claims, prescription drug resale), financial fraud (e.g., fake bank accounts, tax returns), or benefits theft. OnTrac responded by offering affected individuals 12 months of free credit monitoring and identity protection services via TransUnion and CyberScout. While the company acted swiftly to mitigate risks, the breach highlights the persistent threat of identity theft and the need for vigilance against phishing and social engineering attacks.
TPRM report: https://www.rankiteo.com/company/ontrac-shipping
"id": "ont537090325",
"linkid": "ontrac-shipping",
"type": "Breach",
"date": "4/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '40,000+ individuals',
'industry': 'Logistics/Transportation',
'location': 'United States',
'name': 'OnTrac',
'type': 'Delivery Company'}],
'customer_advisories': ['12 months of free credit monitoring and identity '
'protection via TransUnion/CyberScout.',
'Guidance on protecting against identity theft (e.g., '
'monitoring accounts, avoiding phishing).'],
'data_breach': {'data_exfiltration': 'Unconfirmed (OnTrac claims data was not '
'distributed)',
'number_of_records_exposed': '40,000+',
'personally_identifiable_information': ['Names',
'Dates of Birth',
'Social Security '
'Numbers',
'Driver’s '
'License/State IDs'],
'sensitivity_of_data': 'High (includes SSNs, medical/health '
'insurance data)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'description': 'Thousands of people had their sensitive personal information '
'exposed in a data breach at U.S. delivery company OnTrac that '
'occurred over two days in April 2025. The breach impacted '
'over 40,000 individuals, exposing personal details such as '
'names, dates of birth, Social Security numbers, driver’s '
'license or state IDs, and medical/health insurance '
"information. The attackers had access to OnTrac's network "
'between April 13th and April 15th, 2025. While OnTrac claims '
'the data was re-secured and not distributed, the exposed '
'information could be used for medical identity theft, '
'fraudulent insurance claims, or other forms of identity '
'theft.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive customer data',
'data_compromised': ['Names',
'Dates of Birth',
'Social Security Numbers',
'Driver’s License/State IDs',
'Medical/Health Insurance Information'],
'identity_theft_risk': 'High (medical identity theft, fraudulent '
'insurance claims, false tax returns, bank '
'account fraud)'},
'initial_access_broker': {'data_sold_on_dark_web': 'Unconfirmed (OnTrac '
'claims data was not '
'distributed)',
'high_value_targets': ['Customer PII/PHI']},
'investigation_status': 'Ongoing (no confirmed misuse of data reported by '
'OnTrac)',
'motivation': ['Financial Gain', 'Data Theft'],
'post_incident_analysis': {'corrective_actions': ['Data re-securing',
'Provision of identity '
'protection services to '
'affected individuals']},
'recommendations': ['Invest in identity theft protection services (e.g., '
'TransUnion, CyberScout).',
'Use antivirus software with VPN and privacy protections.',
'Monitor accounts for suspicious activity (e.g., '
'fraudulent claims, unauthorized transactions).',
'Stay vigilant against phishing/social engineering (avoid '
'clicking links/attachments from unknown senders).',
'Leverage free credit monitoring services offered '
'post-breach.'],
'references': [{'source': 'Cybernews'},
{'source': 'Office of the Maine Attorney General'},
{'source': "Tom's Guide"}],
'regulatory_compliance': {'regulatory_notifications': ['Maine Attorney '
'General’s office '
'(sample breach '
'notification letter '
'obtained)']},
'response': {'communication_strategy': 'Data breach notification letters sent '
'to affected individuals; public '
'disclosure via Maine Attorney '
'General’s office',
'containment_measures': 'Data re-secured to prevent further '
'access or distribution',
'incident_response_plan_activated': 'Yes (data re-secured)',
'recovery_measures': ['12 months of free credit monitoring and '
'identity protection services for affected '
'individuals'],
'third_party_assistance': ['TransUnion',
'CyberScout (for identity protection '
'services)']},
'stakeholder_advisories': 'Data breach notification letters sent to affected '
'individuals',
'title': 'OnTrac Data Breach (April 2025)',
'type': ['Data Breach', 'Identity Theft Risk']}