SSA Holdings, LLC, a Texas-based company managing 80 cultural attractions (zoos, museums, and aquariums), suffered a data breach after an unauthorized hacker accessed its network on September 15, 2025. The intrusion was detected following suspicious activity, and a forensic investigation confirmed on October 24, 2025, that the stolen files contained sensitive personally identifiable information (PII), including names and Social Security numbers (SSNs) of affected individuals. In Texas alone, 1,639 people were impacted. The company notified victims via mail and offered free identity monitoring services (credit monitoring, $1M fraud reimbursement, and restoration support) through Kroll. Legal firms are investigating potential compensation claims for affected parties, citing violations of data protection laws. The breach exposed victims to risks of identity theft, financial fraud, and long-term reputational harm, with lawsuits likely to address negligence in safeguarding PII.
Source: https://www.claimdepot.com/investigations/ssa-holdings-data-breach-2025
TPRM report: https://www.rankiteo.com/company/service-systems-associates
"id": "ser4292742111525",
"linkid": "service-systems-associates",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '1,639 (in Texas alone)',
'industry': 'Cultural Attractions (Zoos, Museums, '
'Aquariums)',
'location': 'Amarillo, Texas, USA',
'name': 'SSA Holdings, LLC',
'type': 'Business (Service Provider)'}],
'customer_advisories': ['Review notification letters and follow instructions.',
'Activate identity monitoring services via Kroll.',
'Stay vigilant for signs of identity theft.'],
'data_breach': {'data_exfiltration': 'Yes (copies of files acquired by hacker '
'on Sept. 15, 2025)',
'number_of_records_exposed': '1,639 (in Texas; total unknown)',
'personally_identifiable_information': ['Full names',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High (includes Social Security '
'numbers)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'description': 'SSA Holdings, a company providing services to cultural '
'attractions (zoos, museums, aquariums), experienced a data '
'breach where an unauthorized person accessed its computer '
'network. The breach was discovered after suspicious activity '
'was identified, and files containing sensitive personal '
'information (including names and Social Security numbers) '
'were exfiltrated. The incident affected at least 1,639 '
'individuals in Texas alone. SSA Holdings offered identity '
'monitoring services via Kroll to affected individuals.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive PII',
'data_compromised': ['Names', 'Social Security numbers'],
'identity_theft_risk': 'High (due to exposure of SSNs and names)',
'legal_liabilities': 'Potential lawsuits and compensation claims '
'for affected individuals',
'systems_affected': ['Computer network']},
'initial_access_broker': {'high_value_targets': ['Sensitive PII (Social '
'Security numbers)']},
'investigation_status': 'Ongoing (as of the description; lawyers '
'investigating potential claims)',
'post_incident_analysis': {'corrective_actions': ['Offered identity '
'monitoring services',
'Notified affected '
'individuals and law '
'enforcement']},
'ransomware': {'data_exfiltration': 'Yes'},
'recommendations': ['Monitor account statements and credit reports for '
'unauthorized activity.',
'Enroll in free identity monitoring services provided by '
'Kroll.',
'Consider placing a fraud alert or security freeze on '
'credit files.',
'Report suspected identity theft to the FTC, state '
'Attorney General, and local law enforcement.'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Page'},
{'source': 'Kroll Identity Monitoring Enrollment',
'url': 'https://enroll.krollmonitoring.com'}],
'regulatory_compliance': {'legal_actions': ['Potential class-action lawsuits '
'(under investigation by Shamis & '
'Gentile P.A.)']},
'response': {'communication_strategy': ['Direct mail notifications',
'Public advisory via Shamis & Gentile '
'P.A. investigation page'],
'incident_response_plan_activated': 'Yes (immediate action taken '
'to contain the incident)',
'law_enforcement_notified': 'Yes',
'remediation_measures': ['Notification to affected individuals '
'via U.S. mail',
'Free identity monitoring services '
'(credit monitoring, fraud '
'consultation, identity theft '
'restoration)'],
'third_party_assistance': ['Kroll (identity monitoring '
'services)']},
'threat_actor': 'Unauthorized person/hacker',
'title': 'SSA Holdings, LLC Data Breach',
'type': 'Data Breach'}