Teamsters Union 25 Health Services & Insurance Plan Data Breach 2025: 19,231 Members and Dependents Exposed in Network Hack. Class-Action Investigations Open. What To Do.
Teamsters Union 25 Health Services & Insurance Plan (MA) filed a HIPAA breach notification with HHS OCR on September 3, 2025, after detecting unauthorized network activity on August 1, 2025. The Plan reports 19,231 affected individuals. Names, Social Security numbers, member IDs, health information, and health insurance information were exposed. Twelve months of TransUnion/Cyberscout credit monitoring offered. Multiple plaintiffs' firms have opened class-action investigations.
You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.
Timeline
Aug 1, 2025
Plan identifies unauthorized activity within its network; isolates and secures the environment; engages third-party cybersecurity specialists
Aug 1, 2025
Attacker gained access
Aug 18, 2025
Forensic review of affected files completed; data confirmed accessed and potentially copied
Sep 3, 2025
Individual notification letters mailed; HHS OCR breach report filed (19,231 affected; Network Server; Hacking/IT Incident); state AG filings submitted to Vermont, Maine, Massachusetts, and other jurisdictions
Sep 3, 2025
Disclosed publicly
Sep 4, 2025
Plaintiffs' firms publicly open class-action investigations
Aug 1, 2025
Plan identifies unauthorized activity within its network; isolates and secures the environment; engages third-party cybersecurity specialists
Aug 1, 2025
Attacker gained access
Aug 18, 2025
Forensic review of affected files completed; data confirmed accessed and potentially copied
Sep 3, 2025
Individual notification letters mailed; HHS OCR breach report filed (19,231 affected; Network Server; Hacking/IT Incident); state AG filings submitted to Vermont, Maine, Massachusetts, and other jurisdictions
Sep 3, 2025
Disclosed publicly
Sep 4, 2025
Plaintiffs' firms publicly open class-action investigations
Data exposed
01
High-risk identity
Enables financial + identity theft
03
Contact & insurance
Phishing + targeted scams
Class actions filed by
These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.
Your action plan, in five steps.
You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.
01
Accept credit monitoring
It’s the floor of the response. Take it.
02
Freeze your credit
Free at Equifax, Experian, TransUnion.
03
File IRS Form 14039
Prevent fraudulent tax return under your SSN.
04
Review your EOBs
Insurance statements catch medical identity theft early.
05
Stop the ongoing flow
Credit monitoring doesn’t cover your health records. HealthConsent does.
Teamsters Union 25 Health Services & Insurance Plan, the multi-employer Taft-Hartley fund that delivers health benefits to Teamsters Local 25 members and their dependents across New England, filed a HIPAA breach notification with HHS OCR on September 3, 2025, reporting 19,231 affected individuals in a Hacking/IT Incident at a Network Server. Unauthorized activity was first detected on August 1, 2025; the Plan mailed individual notification letters the same day it filed with OCR.
Timeline
- August 1, 2025. The Plan identifies unauthorized activity within its network, isolates and secures the environment, and engages third-party cybersecurity specialists.
- August 18, 2025. Forensic review of affected files concludes. Investigators confirm that “certain data within our network was accessed and potentially copied without authorization.”
- September 3, 2025. Individual notification letters mailed. HHS OCR breach report filed: 19,231 affected, Network Server, Hacking/IT Incident. Concurrent filings made with Vermont, Maine, Massachusetts, and other state attorneys general.
- September 4 to 5, 2025. Multiple plaintiffs’ firms publicly open class-action investigations.
What was exposed
The Plan’s substitute notice at teamsterscare.com, the Vermont and Maine attorney general filings, and class-action firm pages list the following data elements:
- Full name
- Social Security number
- Member ID
- Health information
- Health insurance information
The Plan notes that the potentially impacted information may vary by individual and may include all or just one of these categories. Your individual notification letter will identify the exact subset of elements that applied to your record.
Who is notifying you, and why
Teamsters Union 25 Health Services & Insurance Plan, also known as TeamstersCare, is the HIPAA covered entity in this breach, not the union local itself. The Plan is a multi-employer health and welfare fund governed by a Board of Trustees and headquartered at 529 Main Street, Suite 209, Charlestown, MA 02129. It administers medical, prescription, dental, vision, and related benefits for Teamsters Local 25 members and their eligible dependents.
If you are a current or former Local 25 member, or a covered spouse, child, or other dependent enrolled in the Plan during the affected period, you are the population the Plan is writing to. Notices were sent by U.S. Mail to the address the Plan has on file. A dedicated assistance line was established at 1-833-456-5065 (Monday to Friday, 8am to 8pm EST), and the Plan is offering 12 months of complimentary credit monitoring and identity theft protection through Cyberscout, a TransUnion subsidiary, using the unique code printed in each notification letter.
Because the Plan is a Taft-Hartley fund, both active members and retirees who carried benefits through Local 25 should expect to be in scope. Dependents covered under a member’s plan are independently in scope and may receive their own letter if the Plan has separate address data on file.
Class-action posture
As of mid-May 2026, no consolidated complaint has been publicly docketed, but at least four plaintiffs’ firms have opened investigations and are signing up affected individuals: Strauss Borrelli PLLC, Federman & Sherwood, Edelson Lechtzin LLP, and Lynch Carpenter LLP. The pairing of Social Security numbers with HIPAA-regulated health and health-insurance data, combined with the size of the affected population, is the fact pattern that typically drives negligence and breach-of-fiduciary-duty claims against multi-employer health funds. This page will be updated when a complaint is filed.
What to do
- Read your notification letter carefully. It will list the exact data elements that applied to your record and include the credit-monitoring enrollment code. Enroll within the deadline printed in the letter so coverage starts.
- Place free credit freezes at Equifax, Experian, and TransUnion. SSN exposure is confirmed, so a freeze is the highest-leverage step you can take.
- File IRS Form 14039 if you have any reason to suspect tax-related identity theft, and pull a free credit report at annualcreditreport.com.
- Watch your health-plan EOBs for claims you did not receive. Exposure of member IDs and health-insurance information raises the risk of medical identity theft and false-claim activity against your Plan benefits.
- Call the dedicated assistance line at 1-833-456-5065 if you have questions about whether your record was affected or how to enroll in monitoring.
- If you want to stop the ongoing flow of your data to plan administrators, vendors, and downstream business associates, HealthConsent files HIPAA restriction requests against the covered entity and its known business associates.
Sources
- HHS Office for Civil Rights Breach Portal — federal regulatory record (filed September 3, 2025; 19,231 affected; Network Server; Hacking/IT Incident).
- Teamsters Union 25 HSIP — Data Incident Notice — entity’s own substitute notice, timeline, exposed-data listing, response measures.
- Vermont Attorney General — Teamsters Union 25 HSIP Data Breach Notice — state AG filing.
- Maine Attorney General breach notice — entity identification, credit-monitoring offering, Cipriani & Werner counsel of record.
- HIPAA Journal — Teamsters Union 25 Hacking Incident Affects 19,000 Members — affected count, timeline, exposed data elements.
- ClassAction.org — Teamsters Union 25 HSIP Data Breach — class-action investigation summary.
- Strauss Borrelli PLLC investigation — class-action investigation announcement.
- Federman & Sherwood investigation — class-action investigation announcement.
- Edelson Lechtzin LLP investigation (GlobeNewswire) — class-action investigation announcement.
Credit monitoring covers your wallet. HealthConsent covers your health records.
Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.
Protect my health dataCancel anytime · Family plan covers spouses + dependents
Sources & further reading
- HHS Office for Civil Rights Breach Portal
- Teamsters Union 25 HSIP — Data Incident Notice (teamsterscare.com)
- Vermont Attorney General — Teamsters Union 25 HSIP Data Breach Notice to Consumers
- Maine Attorney General — Teamsters Union 25 HSIP breach notice
- HIPAA Journal — Teamsters Union 25 Hacking Incident Affects 19,000 Members
- ClassAction.org — Teamsters Union 25 HSIP Data Breach
- Strauss Borrelli PLLC — Teamsters Union 25 HSIP Data Breach Investigation
- Federman & Sherwood — Teamsters Union 25 HSIP Data Breach Investigation
- Edelson Lechtzin LLP — Data Breach Alert (GlobeNewswire)
Official HHS OCR Breach Portal: ocrportal.hhs.gov
About this page
This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.