Yellow Corp. Discloses Data Breach Affecting Thousands of Former Employees
Yellow Corp. and its affiliated debtors-in-possession under Chapter 11 bankruptcy (Case No. 23-11069) reported a data breach on March 27, 2025, after detecting unauthorized access to its computer network. The company, working with third-party cybersecurity experts, confirmed that files containing sensitive personal information were exfiltrated during the incident.
The exposed data includes names, Social Security numbers, dates of birth, driver’s license and passport numbers, financial account details, payment card numbers, medical records, and health insurance information. The breach impacted 13,183 Texas residents, 491 Massachusetts residents, and 37 Vermont residents, with the majority of affected individuals identified as former Yellow employees.
Yellow Corp. notified the California Attorney General and published a breach notice on its website. In response, the company is offering affected individuals free credit monitoring resources, including guidance on fraud alerts, credit freezes, and annual credit report access. A dedicated assistance line (833-289-4340) and mailing address (11500 Outlook St., Suite 400, Overland Park, KS 66211) have been established for inquiries.
Source: https://www.claimdepot.com/data-breach/yellow-corporation-2026
Yellow cybersecurity rating report: https://www.rankiteo.com/company/yellowcorporation
"id": "YEL1783017117",
"linkid": "yellowcorporation",
"type": "Breach",
"date": "3/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '13,183 Texas residents, 491 '
'Massachusetts residents, 37 '
'Vermont residents (majority '
'former employees)',
'industry': 'Transportation/Logistics',
'location': 'Overland Park, KS, USA',
'name': 'Yellow Corp.',
'type': 'Corporation'}],
'customer_advisories': 'Free credit monitoring resources offered; guidance on '
'fraud alerts, credit freezes, and annual credit '
'report access. Dedicated assistance line '
'(833-289-4340) and mailing address (11500 Outlook '
'St., Suite 400, Overland Park, KS 66211) provided.',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '13,711+ (13,183 Texas, 491 '
'Massachusetts, 37 Vermont '
'residents)',
'personally_identifiable_information': ['Names',
'Social Security '
'numbers',
'Dates of birth',
'Driver’s license '
'numbers',
'Passport numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information',
'Financial Information',
'Medical Records',
'Health Insurance Information']},
'date_publicly_disclosed': '2025-03-27',
'description': 'Yellow Corp. and its affiliated debtors-in-possession under '
'Chapter 11 bankruptcy reported a data breach after detecting '
'unauthorized access to its computer network. Files containing '
'sensitive personal information were exfiltrated during the '
'incident.',
'impact': {'data_compromised': 'Sensitive personal information including '
'names, Social Security numbers, dates of '
'birth, driver’s license and passport numbers, '
'financial account details, payment card '
'numbers, medical records, and health '
'insurance information',
'identity_theft_risk': 'High',
'payment_information_risk': 'High',
'systems_affected': 'Computer network'},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'date_accessed': '2025-03-27',
'source': 'Yellow Corp. Breach Notice'}],
'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
'General']},
'response': {'communication_strategy': 'Breach notice published on company '
'website; notification to California '
'Attorney General',
'third_party_assistance': 'Third-party cybersecurity experts'},
'title': 'Yellow Corp. Data Breach Affecting Thousands of Former Employees',
'type': 'Data Breach'}