Yellow Corp.: Yellow Corporation Data Breach Impacts 13k: PHI and PII Exposed

Yellow Corp.: Yellow Corporation Data Breach Impacts 13k: PHI and PII Exposed

Yellow Corp. Discloses Data Breach Affecting Thousands of Former Employees

Yellow Corp. and its affiliated debtors-in-possession under Chapter 11 bankruptcy (Case No. 23-11069) reported a data breach on March 27, 2025, after detecting unauthorized access to its computer network. The company, working with third-party cybersecurity experts, confirmed that files containing sensitive personal information were exfiltrated during the incident.

The exposed data includes names, Social Security numbers, dates of birth, driver’s license and passport numbers, financial account details, payment card numbers, medical records, and health insurance information. The breach impacted 13,183 Texas residents, 491 Massachusetts residents, and 37 Vermont residents, with the majority of affected individuals identified as former Yellow employees.

Yellow Corp. notified the California Attorney General and published a breach notice on its website. In response, the company is offering affected individuals free credit monitoring resources, including guidance on fraud alerts, credit freezes, and annual credit report access. A dedicated assistance line (833-289-4340) and mailing address (11500 Outlook St., Suite 400, Overland Park, KS 66211) have been established for inquiries.

Source: https://www.claimdepot.com/data-breach/yellow-corporation-2026

Yellow cybersecurity rating report: https://www.rankiteo.com/company/yellowcorporation

"id": "YEL1783017117",
"linkid": "yellowcorporation",
"type": "Breach",
"date": "3/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '13,183 Texas residents, 491 '
                                              'Massachusetts residents, 37 '
                                              'Vermont residents (majority '
                                              'former employees)',
                        'industry': 'Transportation/Logistics',
                        'location': 'Overland Park, KS, USA',
                        'name': 'Yellow Corp.',
                        'type': 'Corporation'}],
 'customer_advisories': 'Free credit monitoring resources offered; guidance on '
                        'fraud alerts, credit freezes, and annual credit '
                        'report access. Dedicated assistance line '
                        '(833-289-4340) and mailing address (11500 Outlook '
                        'St., Suite 400, Overland Park, KS 66211) provided.',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '13,711+ (13,183 Texas, 491 '
                                              'Massachusetts, 37 Vermont '
                                              'residents)',
                 'personally_identifiable_information': ['Names',
                                                         'Social Security '
                                                         'numbers',
                                                         'Dates of birth',
                                                         'Driver’s license '
                                                         'numbers',
                                                         'Passport numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information',
                                              'Financial Information',
                                              'Medical Records',
                                              'Health Insurance Information']},
 'date_publicly_disclosed': '2025-03-27',
 'description': 'Yellow Corp. and its affiliated debtors-in-possession under '
                'Chapter 11 bankruptcy reported a data breach after detecting '
                'unauthorized access to its computer network. Files containing '
                'sensitive personal information were exfiltrated during the '
                'incident.',
 'impact': {'data_compromised': 'Sensitive personal information including '
                                'names, Social Security numbers, dates of '
                                'birth, driver’s license and passport numbers, '
                                'financial account details, payment card '
                                'numbers, medical records, and health '
                                'insurance information',
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High',
            'systems_affected': 'Computer network'},
 'investigation_status': 'Ongoing',
 'ransomware': {'data_exfiltration': 'Yes'},
 'references': [{'date_accessed': '2025-03-27',
                 'source': 'Yellow Corp. Breach Notice'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
                                                        'General']},
 'response': {'communication_strategy': 'Breach notice published on company '
                                        'website; notification to California '
                                        'Attorney General',
              'third_party_assistance': 'Third-party cybersecurity experts'},
 'title': 'Yellow Corp. Data Breach Affecting Thousands of Former Employees',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.