Apex Class Action LLC Data Breach Lawsuit Investigation
File Your Claim Now

Dapeer Law, P.A., a top-rated class action law firm, is investigating the Apex Class Action LLC data breach. If you received notice that your information was exposed during this breach, you may be entitled to compensation. It's free to join our investigation to see if we can help you recover.

Apex Class Action Data Breach Lawsuit Investigation

Did you receive a letter from Apex Class Action about your data being exposed? A recent vendor hack leaked highly sensitive personal details—including Social Security numbers—of people involved in class-action matters. Find out how to protect yourself and whether you can pursue compensation below.

Key Takeaways

  • Breach discovered: July 25, 2025 (initial alert July 14, 2025).
  • Root cause: Cyber-attack on address-lookup vendor IMDataCenter.
  • Information exposed: Names, Social Security numbers, dates of birth, addresses, government IDs, medical and financial data.
  • Free protection: 24 months of three-bureau credit monitoring via TransUnion.
  • Breach reported to regulators: California & Massachusetts Attorneys General in mid-August 2025.

What Happened?

Apex Class Action LLC—an Irvine, California–based settlement administrator—relies on outside vendors to verify claimant addresses. One such vendor, IMDataCenter, experienced a cybersecurity incident that allowed an unauthorized actor to access Apex-related files stored on its systems.

IMDataCenter notified Apex on . After forensic investigators confirmed the intrusion and identified the files involved, Apex concluded on that personal information from class-action and PAGA participants had indeed been compromised.

What Data Was Compromised?

The investigation determined that the following categories of personally identifiable information (PII) were exposed:

  • Full names
  • Social Security numbers
  • Dates of birth
  • Mailing addresses
  • Government-issued identification numbers
  • Limited medical information
  • Limited financial information

Even a single data point—especially an SSN—can enable identity theft and fraud. When multiple elements are combined, the risk escalates dramatically.

How Apex Class Action Responded

Apex quickly fulfilled its state and federal reporting duties, filing breach notices with the California Attorney General on and the Massachusetts Attorney General on . Personalized notification letters started mailing on .

To mitigate harm, Apex is providing all impacted individuals with 24 months of complimentary three-bureau credit monitoring and identity-theft protection through TransUnion. The company also recommends vigilance for phishing attempts.

Your Next Steps

If you received a breach notice (or suspect you were affected), you can take the following actions immediately:

  • Enroll in credit monitoring: Use the activation code in Apex’s letter to sign up for two years of free protection.
  • Review your credit reports: Look for unfamiliar accounts or inquiries. You’re entitled to one free report per bureau each year via AnnualCreditReport.com.
  • Set fraud alerts or freezes: A fraud alert is free and lasts one year; a freeze blocks new credit until you lift it.
  • Monitor financial and medical statements: Report suspicious charges right away.
  • Beware of scams: Neither Apex nor the credit-monitoring provider will call or email asking for your SSN, password, or payment information.

Possible Legal Remedies

Under privacy and consumer-protection laws, organizations that fail to safeguard personal data may owe victims compensation for:

  • Out-of-pocket expenses (e.g., credit-monitoring fees, bank charges)
  • Lost time spent dealing with identity-theft issues
  • Emotional distress and loss of privacy
  • Actual monetary losses from fraudulent activity

Investigations are underway to determine Apex’s and IMDataCenter’s liability. If negligence or inadequate security controls contributed to the breach, affected individuals could be eligible to join a class-action lawsuit to recover damages. Consulting with an experienced data-breach attorney can help you assess your eligibility and preserve your rights.

Frequently Asked Questions

How do I know if I was affected by the Apex Class Action data breach?

Apex mailed formal notices beginning August 15, 2025. Check any recent mail labelled “Notice of Data Breach.” If your current or former address may have changed, contact Apex Class Action directly via its public website to verify.

What information did the hackers obtain in the Apex Class Action incident?

According to regulatory filings, the exposed data includes names, Social Security numbers, dates of birth, mailing addresses, certain government-issued IDs, and limited medical and financial details.

Do I have to pay for the credit monitoring offered by Apex Class Action?

No. Apex is covering the cost of 24 months of three-bureau credit monitoring and identity-theft services. Follow the instructions in your letter to enroll for free.

Can I sue Apex Class Action for the data breach?

Potentially. If investigations show that Apex or its vendor failed to implement reasonable cybersecurity measures, victims may have grounds for a lawsuit seeking reimbursement for losses and other damages. Speak with a qualified data-breach attorney to evaluate your claim.

Will placing a credit freeze impact my credit score?

No. A freeze does not affect your existing credit profile or score; it simply blocks new credit inquiries. You can lift or reinstate it at any time using the PIN each bureau provides.

Attorney Advertising. Prior results do not guarantee a similar outcome.

File Your Claim Now