Topstep Data Breach: SSNs Exposed
By Join The Case · Published December 23, 2025 · Updated December 23, 2025 · 5 min read
File Your Claim Now

Dapeer Law, P.A., a top-rated class action law firm, is investigating the Topstep data breach. If you received notice that your information was exposed during this breach, you may be entitled to compensation. It's free to join our investigation to see if we can help you recover.

See Featured Articles
Petco Data Breach Affects Subscriber Privacy Petco Data Breach Affects Subscriber Privacy Were you hired to help train AI models? Were you hired to help train AI models? Received a Parking Ticket Notice in the Mail from Parking Revenue Recovery Services? Received a Parking Ticket Notice in the Mail from Parking Revenue Recovery Services? The Washington Post Data Breach: SSNs Exposed The Washington Post Data Breach: SSNs Exposed Late-Night and Early-Morning Unwanted Text Messages Late-Night and Early-Morning Unwanted Text Messages

Topstep Data Breach Lawsuit Investigation

On December 22, 2025, trading-education firm Topstep notified regulators of a recent credential-stuffing cyber-attack that potentially exposed customer information. If you received a breach letter, you may be entitled to free identity-protection services or monetary relief. Use the resources below to understand your rights and next steps.

Download Official Breach Notice (PDF)

What Happened?

  • Breach method: Automated credential-stuffing attack on user accounts.
  • Incident start date: November 26, 2025.
  • Discovery & containment: Topstep detected the intrusion and immediately blocked the threat actors’ IP addresses, forced password resets, and launched an investigation.
  • Regulatory notice filed: December 22, 2025 (Texas & Maine).
  • Total individuals affected: 222 (TX residents reported; overall total reported to regulators).

What Information Was Exposed?

According to Topstep’s investigation, the unauthorized actors may have accessed:

  • Name
  • Contact information & address
  • Profile information (screen name)
  • ID or tax identification number
  • Social Security number

How Topstep Responded

Topstep LLC (“Topstep”) implemented the following measures immediately after detecting the attack:

  • Blocked malicious IP addresses and accounts involved in the attack.
  • Forced password resets for all potentially affected users.
  • Ongoing review and enhancement of IT systems, login settings, and security infrastructure.

Recommended Actions for Affected Users

Topstep advises impacted individuals to:

  • Remain vigilant and report any unauthorized changes to Topstep using the contact information in the breach letter.
  • Review credit files and consider placing a 90-day fraud alert with one of the three nationwide credit bureaus.
  • Obtain free annual credit reports at AnnualCreditReport.com.
  • If you detect suspicious activity, file a police report and keep a copy for creditors.
  • Consider a security freeze on your credit reports to block new credit inquiries.
  • If notified by the IRS of possible tax fraud, complete and submit IRS Form 14039 Identity Theft Affidavit.

Can You File a Claim or Join a Lawsuit?

Individuals whose personal data was compromised may seek legal remedies, including reimbursement for out-of-pocket losses and time spent responding to the breach. Class-action investigations examine whether Topstep employed adequate security and timely notified consumers. Preserve your rights by:

  1. Keeping copies of the breach letter and any related correspondence.
  2. Documenting fraudulent charges or credit issues.
  3. Contacting a data-breach attorney to evaluate eligibility for compensation.

Company Overview

Topstep LLC (Topstep) helps traders develop skills and earn funding by simulating futures trading environments.

  • Website: topstep.com
  • Headquarters: 141 W Jackson Blvd, Suite 4240, Chicago, Illinois, United States
  • Founded: 2012
  • Industry: Financial Services / Trading Education
  • Employees: 51–200
  • Social: LinkedIn | X | Facebook | YouTube | Instagram

Frequently Asked Questions

I received a data breach letter from Topstep — what should I do?

Follow the letter’s instructions, reset your Topstep password, monitor credit reports, and consider fraud alerts or security freezes as outlined above.

How do I submit a claim related to the Topstep data breach?

Collect your breach notice and evidence of losses, then consult an attorney experienced in data-breach litigation to determine eligibility for individual or class claims.

Am I eligible to join a lawsuit against Topstep?

If your personal data listed in the notice was accessed, you may qualify. Eligibility often depends on residency, damages, and litigation venue—speak with counsel for details.

What information did the Topstep breach expose?

The incident may have exposed names, contact details, screen names, ID or tax numbers, and Social Security numbers.

Did Topstep offer credit monitoring?

The company’s notice recommends self-monitoring and fraud alerts; it does not specify a complimentary credit-monitoring service.

How many people were affected by the Topstep breach?

Regulatory filings indicate 222 individuals were impacted.

How can I get the official breach notice (PDF) for Topstep?

You can download it directly from the Maine Attorney General’s website using the link provided above.

Attorney Advertising. Prior results do not guarantee a similar outcome.

File Your Claim Now

Meet Our Team

The dedicated professionals committed to helping you understand your legal rights.

Rachel Dapeer

Rachel Dapeer

Founding Partner at Dapeer Law

Learn More
Edgar Cruz

Edgar Cruz

Attorney at Dapeer Law

Learn More
View Full Team Page