Universal Pure LLC Discloses Major Data Breach Affecting Over 1,100 Individuals
Universal Pure LLC, North America’s largest high-pressure processing service provider for the food and beverage industry, has reported a data breach impacting individuals across multiple states. The breach was disclosed in regulatory filings with the attorneys general of Maine, New Hampshire, and Texas on April 21, 2026, affecting 1,183 individuals one in Maine, three in New Hampshire, and 1,179 in Texas.
The company detected unauthorized access to its systems between July 10 and August 20, 2024, during which files were exfiltrated on multiple occasions. After securing its network, Universal Pure launched an investigation, completing a review of affected systems and files by August 7, 2025. Address validation for notifications was finalized on April 15, 2026, nearly 20 months after the breach was discovered.
Exposed data varies by individual but may include names, Social Security numbers, driver’s license numbers, financial account details, medical information, and health insurance data.
In response, Universal Pure is offering 12 months of free credit monitoring and identity theft protection through Cyberscout (a TransUnion company), including single-bureau credit monitoring, credit reports, and fraud assistance. Affected individuals must enroll within 90 days of receiving their notification letter using a unique code. A dedicated helpline is also available for inquiries.
The breach highlights prolonged delays in breach detection, investigation, and notification, raising concerns about data security practices in the food and beverage processing sector.
Source: https://www.claimdepot.com/data-breach/universal-pure-2026
Universal Pure cybersecurity rating report: https://www.rankiteo.com/company/universalpure
"id": "UNI1777049294",
"linkid": "universalpure",
"type": "Breach",
"date": "7/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '1183',
'industry': 'Food and Beverage Processing',
'location': 'North America',
'name': 'Universal Pure LLC',
'type': 'Corporation'}],
'customer_advisories': 'Notification letters sent to affected individuals '
'with instructions for enrolling in credit monitoring '
'services.',
'data_breach': {'data_exfiltration': 'Yes (files exfiltrated on multiple '
'occasions between July 10 and August '
'20, 2024)',
'number_of_records_exposed': '1183',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Driver’s license numbers',
'Financial account details',
'Medical information',
'Health insurance data']},
'date_detected': '2024-07-10',
'date_publicly_disclosed': '2026-04-21',
'date_resolved': '2025-08-07',
'description': 'Universal Pure LLC, North America’s largest high-pressure '
'processing service provider for the food and beverage '
'industry, reported a data breach impacting individuals across '
'multiple states. The breach involved unauthorized access to '
'systems and exfiltration of files containing sensitive '
'personal and financial information.',
'impact': {'brand_reputation_impact': 'Raised concerns about data security '
'practices in the food and beverage '
'processing sector',
'data_compromised': 'Sensitive personal and financial information, '
'including names, Social Security numbers, '
'driver’s license numbers, financial account '
'details, medical information, and health '
'insurance data',
'identity_theft_risk': 'High (due to exposure of Social Security '
'numbers and financial details)',
'payment_information_risk': 'High (due to exposure of financial '
'account details)'},
'investigation_status': 'Completed (review finalized on August 7, 2025)',
'lessons_learned': 'Prolonged delays in breach detection, investigation, and '
'notification highlight the need for improved data '
'security practices and faster response times.',
'post_incident_analysis': {'corrective_actions': 'Implementation of credit '
'monitoring services, review '
'of affected systems, and '
'regulatory notifications',
'root_causes': 'Unauthorized access to systems, '
'delayed detection and response'},
'recommendations': 'Enhance monitoring for unauthorized access, implement '
'stricter data protection measures, and reduce timeframes '
'for breach investigation and notification.',
'references': [{'source': 'Regulatory filings with attorneys general of '
'Maine, New Hampshire, and Texas'}],
'regulatory_compliance': {'regulatory_notifications': 'Filed with attorneys '
'general of Maine, New '
'Hampshire, and Texas'},
'response': {'communication_strategy': 'Regulatory filings with attorneys '
'general of Maine, New Hampshire, and '
'Texas; notification letters to '
'affected individuals with enrollment '
'instructions for credit monitoring',
'containment_measures': 'Secured network after detecting '
'unauthorized access',
'recovery_measures': 'Offering 12 months of free credit '
'monitoring and identity theft protection',
'remediation_measures': 'Review of affected systems and files '
'completed by August 7, 2025',
'third_party_assistance': 'Cyberscout (a TransUnion company)'},
'title': 'Universal Pure LLC Data Breach Affecting Over 1,100 Individuals',
'type': 'Data Breach'}