Rochester Philharmonic Orchestra Hit by Akira Ransomware Attack, Exposing Sensitive Data
The Rochester Philharmonic Orchestra (RPO), a century-old cultural institution based in Rochester, New York, suffered a significant data breach following a ransomware attack by the cybercriminal group Akira. The incident began on October 21, 2025, when the orchestra’s servers exhibited unusual activity, prompting an investigation by independent cybersecurity experts. By November 11, 2025, unauthorized access to parts of the network was confirmed.
On November 25, 2025, Akira claimed responsibility, posting details of the breach on the dark web. A subsequent review revealed that sensitive personal data had been compromised, with the RPO confirming the exposure on May 7, 2026. The breach affected 1,726 individuals across the U.S., including residents of Maine and Vermont.
Exposed information included:
- Social Security numbers
- Driver’s license numbers
- Health insurance details
- Medical records
- Passport numbers
Written notifications were sent to impacted individuals on May 27, 2026. The law firm Shamis & Gentile P.A. is now investigating potential legal action for those affected, citing possible eligibility for compensation. The breach underscores the growing threat of ransomware attacks targeting organizations beyond traditional corporate sectors.
Source: https://www.claimdepot.com/investigations/rochester-philharmonic-orchestra-data-breach-2026
Rochester Philharmonic Orchestra cybersecurity rating report: https://www.rankiteo.com/company/rocphils
"id": "ROC1780072449",
"linkid": "rocphils",
"type": "Ransomware",
"date": "10/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '1726',
'industry': 'Arts & Entertainment',
'location': 'Rochester, New York, USA',
'name': 'Rochester Philharmonic Orchestra',
'type': 'Cultural Institution'}],
'customer_advisories': 'Written notifications sent to impacted individuals on '
'May 27, 2026',
'data_breach': {'number_of_records_exposed': '1726',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Social Security numbers',
'Driver’s license numbers',
'Health insurance details',
'Medical records',
'Passport numbers']},
'date_detected': '2025-10-21',
'date_publicly_disclosed': '2025-11-25',
'description': 'The Rochester Philharmonic Orchestra (RPO), a century-old '
'cultural institution based in Rochester, New York, suffered a '
'significant data breach following a ransomware attack by the '
'cybercriminal group Akira. The incident began on October 21, '
'2025, when the orchestra’s servers exhibited unusual '
'activity, prompting an investigation by independent '
'cybersecurity experts. By November 11, 2025, unauthorized '
'access to parts of the network was confirmed. On November 25, '
'2025, Akira claimed responsibility, posting details of the '
'breach on the dark web. A subsequent review revealed that '
'sensitive personal data had been compromised, with the RPO '
'confirming the exposure on May 7, 2026. The breach affected '
'1,726 individuals across the U.S., including residents of '
'Maine and Vermont. Exposed information included Social '
'Security numbers, driver’s license numbers, health insurance '
'details, medical records, and passport numbers. Written '
'notifications were sent to impacted individuals on May 27, '
'2026.',
'impact': {'data_compromised': 'Sensitive personal data including Social '
'Security numbers, driver’s license numbers, '
'health insurance details, medical records, '
'and passport numbers',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential legal action for compensation',
'systems_affected': 'Servers and network'},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Akira'},
'references': [{'source': 'Dark web post by Akira'}],
'regulatory_compliance': {'legal_actions': 'Potential legal action by Shamis '
'& Gentile P.A.'},
'response': {'communication_strategy': 'Written notifications sent to '
'impacted individuals on May 27, 2026',
'third_party_assistance': 'Independent cybersecurity experts'},
'threat_actor': 'Akira',
'title': 'Rochester Philharmonic Orchestra Hit by Akira Ransomware Attack, '
'Exposing Sensitive Data',
'type': 'Ransomware'}