Overview

• HSGI says unauthorized access occurred from September 27 to October 3, 2024, after detection on or about October 7, 2024.
• A subsequent investigation determined that files were accessed and copied impacting approximately 624,496 individuals.
• Potentially exposed information includes names, Social Security numbers, driver’s or state ID numbers, financial account details, and account access credentials.
• Breach notices began going out on August 25, 2025, with offers of 12 to 24 months of credit monitoring and identity-theft protection.
• The company reports no evidence of misuse to date, no ransomware group has claimed responsibility, and plaintiff firms Murphy Law Firm and Edelson Lechtzin LLP are pursuing potential class actions.