What Happened in the Henry Rossi Data Breach?
Henry Rossi & Co., LLP, a certified public accounting firm based in Monroeville, Pennsylvania, has disclosed a data breach involving sensitive personal information. The firm reported that an unauthorized actor gained access to its computer environment on Jan. 17 and Jan. 18, 2026. During this two-day window, the intruder accessed certain files stored within the firm’s systems.
According to the firm, staff detected suspicious activity and moved quickly to respond. As a result, Henry Rossi launched a forensic investigation to determine the scope of the intrusion. That investigation confirmed the unauthorized individual accessed audit records tied to the Steamfitters Local #449 Medical & Benefit Fund.
After the forensic review wrapped up, Henry Rossi conducted a separate internal review of the affected files. This step aimed to identify whether the accessed files contained sensitive personal information. The firm completed this detailed review on April 3, 2026, several months after the initial intrusion occurred.
Because the review process took time, individuals did not learn about the breach right away. However, the firm eventually filed a formal disclosure and began notifying those affected. This sequence of events reflects a common pattern in data breach cases, where forensic and privacy reviews often extend well beyond the date of the actual intrusion.
Who Was Affected?
The Henry Rossi data breach affected approximately 2,720 individuals in the United States. These individuals appear to be connected to the Steamfitters Local #449 Medical & Benefit Fund, since the accessed files were audit records related to that fund. This suggests the affected group likely includes fund members, beneficiaries, or related individuals whose data the firm handled during audit work.
The firm has not publicly disclosed additional details about the specific relationship each affected person has to the fund. If you received a notification letter from Henry Rossi, this likely means your information was among the files accessed during the intrusion.
What Information Was Potentially Exposed?
The breach exposed several categories of sensitive personal information. Because the accessed files were audit records, they likely contained detailed personal and financial data tied to fund members. The firm’s internal review confirmed specific types of information involved in the incident.
- Full names
- Social Security numbers
- Dates of birth
This combination of data creates meaningful risk for affected individuals. In particular, Social Security numbers paired with full names and birth dates give criminals nearly everything needed to commit identity theft. For example, this data can be used to open fraudulent credit accounts, file false tax returns, or apply for loans in someone else’s name.
Because this information does not change over time, the risk does not disappear quickly. As a result, affected individuals should remain alert for signs of misuse for months or even years after the breach.
What Is the Company Doing?
Henry Rossi responded to the breach by launching a forensic investigation to determine what happened and which files were involved. The firm then conducted a follow-up internal review to assess whether exposed files contained sensitive personal data. This review concluded on April 3, 2026.
In addition, the firm posted a notice describing the breach on its website. Henry Rossi also filed a disclosure with the U.S. Department of Health and Human Services on June 2, 2026. Shortly afterward, the firm began notifying affected individuals directly, starting on June 10, 2026.
To support affected individuals, Henry Rossi set up a dedicated phone line. Representatives are available Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern Time, excluding major U.S. holidays. Individuals with questions about the incident can call this line for guidance.
Notably, the firm’s notification did not include an offer of free credit monitoring or identity protection services. This means affected individuals may need to take extra steps on their own to monitor for potential misuse of their information.
What Should Affected Individuals Do?
Monitor Your Credit Reports Closely
Because Social Security numbers were exposed, affected individuals should check their credit reports regularly. You can request free credit reports from all three major credit bureaus. Look carefully for unfamiliar accounts, inquiries, or changes that you did not authorize. If you spot anything suspicious, report it right away to the credit bureau involved.
Consider a Fraud Alert or Credit Freeze
Given that Social Security numbers and dates of birth were involved, placing a fraud alert or credit freeze offers strong protection. A fraud alert requires lenders to verify your identity before opening new credit in your name. A credit freeze goes further by blocking access to your credit file entirely. Either option can help prevent identity thieves from opening fraudulent accounts using your information.
Stay Alert for Phishing Attempts
After a breach like this, scammers often try to exploit the situation through phishing emails, texts, or phone calls. Therefore, be cautious of unexpected messages asking for personal or financial information. Henry Rossi will not likely ask for sensitive details over email. Instead, verify any communication by contacting the firm directly through its official phone line.
Review Financial and Medical Benefit Statements
Since the exposed files came from a medical and benefit fund audit, affected individuals should also review benefit statements and financial records tied to that fund. Look for any unusual claims or account activity. If anything appears unfamiliar, contact the fund administrator or Henry Rossi’s dedicated support line for clarification.
Consult a Data Breach Attorney
Finally, affected individuals may want to speak with a data breach attorney to understand their legal options. Many attorneys offer free case evaluations for situations like this one. This means you can learn about potential compensation or class action participation without any upfront cost.
