R3 Government Solutions, LLC, a management consulting firm specializing in human capital and HR services for federal agencies (e.g., DHS, Veterans Health Administration), suffered a data breach discovered on September 21, 2025. Unauthorized actors accessed HR personnel documents, exposing sensitive personally identifiable information (PII) of current and former employees, including: - Full names - Addresses - Social Security numbers (SSNs) - Driver’s license numbers - Passport numbers - Direct deposit details The breach was reported to the Maine Attorney General’s office on October 17, 2025, with affected individuals notified the same day. The exposed data poses significant risks of identity theft, financial fraud, and unauthorized account access. R3 offered 12 months of free credit monitoring (TransUnion Cyberscout) to mitigate harm, but the incident remains under investigation for potential class-action litigation due to the severity of the exposed employee data.
Source: https://www.claimdepot.com/investigations/r3-government-solutions-data-breach-2025
TPRM report: https://www.rankiteo.com/company/r3-government-solutions
"id": "r3-2602426102125",
"linkid": "r3-government-solutions",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 'Current and former employees '
'(number not specified)',
'industry': 'Human Capital Management, HR Operations, '
'Training Solutions (Federal Government '
'Clients)',
'location': 'Arlington, Virginia, USA',
'name': 'R3 Government Solutions, LLC',
'type': 'Management Consulting Firm'}],
'customer_advisories': ['Steps to protect against identity theft (credit '
'monitoring, fraud alerts, financial statement '
'reviews)',
'Legal rights and options for compensation via class '
'action lawsuit'],
'data_breach': {'data_exfiltration': 'Likely (unauthorized access to HR '
'documents)',
'file_types_exposed': ['HR personnel documents'],
'personally_identifiable_information': ['Name',
'Address',
'Social Security '
'number',
"Driver's license "
'number',
'Passport number'],
'sensitivity_of_data': "High (includes SSN, driver's license, "
'passport, and financial data)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Information (direct '
'deposit details)']},
'date_detected': '2025-09-21',
'date_publicly_disclosed': '2025-10-17',
'description': 'R3 Government Solutions LLC, a management consulting firm '
'specializing in human capital management and HR operations '
'for federal government clients, discovered a data breach on '
'September 21, 2025. Unauthorized parties accessed HR '
'personnel documents, exposing sensitive personally '
'identifiable information (PII) of current and former '
'employees. The breach was reported to the Maine Attorney '
'General’s office on October 17, 2025, and affected '
'individuals were notified via mail on the same date.',
'impact': {'brand_reputation_impact': 'Potential reputational harm due to '
'exposure of sensitive employee data',
'data_compromised': ['Name',
'Address',
'Social Security number',
"Driver's license number",
'Passport number',
'Direct deposit information'],
'identity_theft_risk': "High (due to exposure of SSN, driver's "
'license, passport, and direct deposit '
'info)',
'legal_liabilities': 'Potential class action lawsuits and '
'compensation claims',
'payment_information_risk': 'High (direct deposit information '
'exposed)',
'systems_affected': ['HR personnel documents system']},
'initial_access_broker': {'high_value_targets': ['HR personnel documents']},
'investigation_status': 'Ongoing (class action lawsuit investigation by '
'Shamis & Gentile P.A.)',
'post_incident_analysis': {'corrective_actions': ['Credit monitoring services '
'offered to affected '
'individuals',
'Regulatory notification '
'(Maine Attorney General’s '
'office)']},
'recommendations': ['Enroll in the provided 12 months of free TransUnion '
'Cyberscout credit monitoring',
'Monitor financial statements regularly for suspicious '
'activity',
'Place a fraud alert on credit reports',
'Request free annual credit reports from major bureaus',
'Consider legal action for compensation via class action '
'lawsuit'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Notice'},
{'date_accessed': '2025-10-17',
'source': 'Maine Attorney General’s Office Breach Report'}],
'regulatory_compliance': {'legal_actions': 'Potential class action lawsuits '
'(under investigation by Shamis & '
'Gentile P.A.)',
'regulatory_notifications': ['Maine Attorney '
'General’s office '
'(reported on October '
'17, 2025)']},
'response': {'communication_strategy': ['Direct mail notifications to '
'affected individuals',
'Public disclosure via Maine Attorney '
'General’s office',
'Credit monitoring enrollment '
'instructions'],
'incident_response_plan_activated': 'Yes (investigation '
'initiated post-detection)',
'remediation_measures': ['Notified affected individuals via mail '
'(October 17, 2025)',
'Reported breach to Maine Attorney '
'General’s office (October 17, 2025)',
'Offered 12 months of free TransUnion '
'Cyberscout single-bureau credit '
'monitoring to affected individuals']},
'stakeholder_advisories': ['Mail notifications to affected individuals '
'(October 17, 2025)',
'Credit monitoring enrollment instructions',
'Fraud prevention guidance (e.g., fraud alerts, '
'credit report monitoring)'],
'title': 'R3 Government Solutions, LLC Data Breach',
'type': 'Data Breach'}