“We immediately launched a full containment protocol upon discovery,” said PDL spokesperson Maya Cortez. “Our preliminary investigation indicates that the exposed data relates to a subset of enterprise customers who used our identity verification services between 2022 and 2025. We have since secured the affected server and are rotating all internal access keys.”
This story is developing. PDL has promised a full public report within 45 days. We will update as more information becomes available. pdl customer breach
The breach, which appears to have occurred in late March 2026, reportedly exposed sensitive personal information belonging to thousands of individuals, including names, physical addresses, phone numbers, email addresses, and in some cases, partial financial data. “We immediately launched a full containment protocol upon
The breach is likely to draw scrutiny from state attorneys general and federal regulators, particularly given PDL’s role as a data processor for other businesses. Class-action lawsuits have already been filed in the Northern District of California, alleging negligence and violation of data protection laws. PDL has promised a full public report within 45 days