DBM Global Data Breach Lawsuit Investigation
Were you one of the 20,104 people put at risk by DBM Global’s recent cyber-attack? Stolen Social Security numbers and dates of birth can fuel identity theft for years. Find out how to safeguard your data and see if you can seek compensation now.
Download Official Breach Notice (PDF)What Happened?
DBM Global Inc.—a Phoenix-based construction and steel-fabrication company—detected unusual network activity on November 20, 2024. A forensic investigation confirmed that an unauthorized actor accessed and exfiltrated files eight days earlier, on November 12, 2024. By August 4, 2025, the company verified that sensitive personal information belonging to 20,104 U.S. residents had been compromised.
What Information Was Exposed?
According to mandatory disclosures filed with multiple state Attorneys General, the intruder may have obtained:
- Full names
- Social Security numbers
- Dates of birth
- Postal addresses
- Government-issued ID details
- Medical and financial information
The combination of Social Security numbers and dates of birth is particularly valuable to fraudsters because it enables the rapid creation of new credit accounts, tax-refund scams and medical identity theft.
Who Is Impacted?
Although the breach is nationwide, state filings list confirmed resident counts for:
- Texas: 2,293 individuals
- Maine: 12 individuals
- Massachusetts: 3 individuals
Notifications began on December 23, 2024. If you received a letter or email from DBM Global, your data is considered exposed.
DBM Global’s Response
In addition to notifying state regulators, the company hired cybersecurity specialists and is offering affected consumers:
- Up to 24 months of IDX credit & CyberScan monitoring
- A $1 million identity-theft insurance policy
- Fully managed identity-recovery assistance
The enrollment deadline is March 23, 2025.
Your Legal Options
Under federal and state privacy laws, victims may pursue compensation for:
- Out-of-pocket expenses (credit freezes, notarization, postage, etc.)
- Lost time spent mitigating fraud risk
- Unauthorized charges or loan balances
- Anxiety, emotional distress and loss of privacy
Class-action investigations are now underway. If you qualify, legal action could help cover costs the free monitoring does not.
Immediate Steps to Protect Yourself
- Enroll in the complimentary IDX plan offered by DBM Global.
- Monitor bank, credit-card and insurance statements for suspicious charges.
- Place a fraud alert or credit freeze with major bureaus if you see anything unusual.
- Update passwords on email and financial accounts; enable multi-factor authentication.
- Beware of phishing communications referencing the breach.
Frequently Asked Questions
How do I know if I am part of the DBM Global data breach?
You should receive a written notice from DBM Global or your state Attorney General. If the letter matches your personal details, you are affected.
What compensation is available after the DBM Global breach?
Potential remedies include reimbursement for fraud-related expenses, credit-monitoring costs beyond the free period, and damages for emotional distress—typically pursued through a class-action lawsuit.
Is DBM Global providing free credit monitoring?
Yes. The company partnered with IDX to offer 24 months of credit and CyberScan monitoring, a $1 million insurance policy, and identity-recovery services.
Should I place a credit freeze because of the DBM Global incident?
A freeze is the most secure way to block new credit accounts in your name. It is free with all three major bureaus and does not affect your credit score.
Can I still join a lawsuit if I have not experienced fraud yet?
Yes. Courts often recognize the increased risk of identity theft as a compensable injury, even if fraud has not yet occurred.
Next Steps
If you received a breach notice from DBM Global, consider contacting an experienced privacy attorney to evaluate your claim. Time limits (statutes of limitation) apply, so acting promptly preserves your rights.