On August 1, 2025, TeamstersCare detected unauthorized network access, leading to a data breach where an actor potentially copied files containing personally identifiable information (PII) and protected health information (PHI). The exposed data included names, Social Security numbers, member IDs, health insurance details, and medical records—affecting 21,469 individuals across Massachusetts, New Hampshire, and Maine. The breach extended to the Teamsters Local 25 Investment Plan, amplifying its scope. Notifications were issued via mail and a public incident notice, with disclosures made to state Attorney Generals' offices. TeamstersCare responded by isolating compromised systems, securing the network, and offering free credit monitoring and identity protection services to victims. The incident poses risks of identity theft, financial fraud, and phishing attacks leveraging the stolen data.
Source: https://www.claimdepot.com/data-breach/teamsters-union-25-2025
TPRM report: https://www.rankiteo.com/company/teamsters-union-local-25-health-services-&-insurance-plan
"id": "tea4072140090625",
"linkid": "teamsters-union-local-25-health-services-&-insurance-plan",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '21,469 (19,935 in '
'Massachusetts, 1,521 in New '
'Hampshire, 13 in Maine)',
'industry': 'Healthcare',
'location': 'Massachusetts, USA',
'name': 'Teamsters Union 25 Health Services & '
'Insurance Plan (TeamstersCare)',
'type': 'Health Services & Insurance Provider'},
{'industry': 'Financial Services',
'name': 'Teamsters Local 25 Investment Plan',
'type': 'Investment Plan'}],
'customer_advisories': ['Notification letters mailed to affected individuals '
'(starting Sept. 3, 2025)',
'Published data incident notice on TeamstersCare '
'website'],
'data_breach': {'data_exfiltration': 'Possibly copied',
'number_of_records_exposed': '21,469',
'personally_identifiable_information': ['Names',
'Social Security '
'numbers',
'Member IDs',
'Health insurance '
'information',
'Medical information'],
'sensitivity_of_data': 'High (includes names, Social Security '
'numbers, member IDs, health insurance '
'information, medical records)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2025-08-01',
'date_publicly_disclosed': '2025-09-03',
'description': 'On Aug. 1, 2025, Teamsters Union 25 Health Services & '
'Insurance Plan (TeamstersCare) identified suspicious activity '
'within its network. An investigation determined that an '
'unauthorized actor accessed and possibly copied certain files '
'containing personal data, including PII and PHI. The breach '
'impacted data associated with TeamstersCare and the Teamsters '
'Local 25 Investment Plan, affecting over 21,000 individuals '
'across Massachusetts, New Hampshire, and Maine. Exposed '
'information includes names, Social Security numbers, member '
'IDs, health insurance details, and medical records.',
'impact': {'brand_reputation_impact': 'Potential reputational harm due to '
'exposure of sensitive health and '
'personal data',
'data_compromised': ['Personally Identifiable Information (PII)',
'Protected Health Information (PHI)'],
'identity_theft_risk': 'High (Social Security numbers, health '
'insurance, and medical data exposed)',
'legal_liabilities': "Notifications to Attorney Generals' offices "
'in Maine, Massachusetts, New Hampshire, and '
'Vermont'},
'initial_access_broker': {'high_value_targets': ['PII', 'PHI']},
'investigation_status': 'Completed (review finalized on Aug. 18, 2025)',
'post_incident_analysis': {'corrective_actions': ['Isolated affected systems',
'Secured network',
'Offered credit monitoring '
'services']},
'recommendations': ['Sign up for free credit monitoring and identity '
'protection services provided by TeamstersCare.',
'Monitor credit reports and financial accounts for '
'unusual activity.',
'Be alert for phishing attempts leveraging exposed '
'information.',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus.'],
'references': [{'source': 'TeamstersCare Data Incident Notice'}],
'regulatory_compliance': {'regulatory_notifications': ['Maine Attorney '
'General',
'Massachusetts '
'Attorney General',
'New Hampshire '
'Attorney General',
'Vermont Attorney '
'General']},
'response': {'communication_strategy': ['Notified affected individuals by '
'mail (starting Sept. 3, 2025)',
'Published data incident notice on '
'website',
'Disclosed breach to Attorney '
"Generals' offices in Maine, "
'Massachusetts, New Hampshire, and '
'Vermont (Sept. 3–4, 2025)'],
'containment_measures': ['Isolated affected systems',
'Secured network'],
'incident_response_plan_activated': True,
'recovery_measures': ['Offered free TransUnion Cyberscout '
'single-bureau credit monitoring and '
'identity protection services to affected '
'individuals']},
'threat_actor': 'Unauthorized actor',
'title': 'Teamsters Union 25 Health Services & Insurance Plan Data Breach',
'type': 'Data Breach'}